Privilege Escalation Vulnerability in Intel Xeon Processors
CVE-2025-24305

7HIGH

Key Information:

Vendor

Intel

Vendor
CVE Published:
12 August 2025

What is CVE-2025-24305?

The Alias Checking Trusted Module (ACTM) firmware vulnerability in certain Intel Xeon processors may be exploited by a privileged user to escalate their privileges through local access, compromising system integrity. This insufficient control flow management can lead to unauthorized actions within the affected systems, emphasizing the need for timely updates and security patches.

Affected Version(s)

Intel(R) Xeon(R) processors See references

References

CVSS V4

Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.