Privilege Escalation Vulnerability in Intel Xeon Processors
CVE-2025-24305

7HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Xeon(r) Processors
Vendor: CVE Published:; 12 August 2025

What is CVE-2025-24305?

The Alias Checking Trusted Module (ACTM) firmware vulnerability in certain Intel Xeon processors may be exploited by a privileged user to escalate their privileges through local access, compromising system integrity. This insufficient control flow management can lead to unauthorized actions within the affected systems, emphasizing the need for timely updates and security patches.

Affected Version(s)

Intel(R) Xeon(R) processors See references

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Aug 12, 2025
Vulnerability Reserved
Jan 23, 2025

JSON