Privilege Escalation Vulnerability in Slim Bootloader UEFI Firmware by Intel
CVE-2025-35968

7.1 HIGH

Key Information:

Vendor

Intel

CVE Published:
11 November 2025

What is CVE-2025-35968?

A potential vulnerability exists in the UEFI firmware for the Slim Bootloader that allows local attackers to escalate privileges. It stems from a protection mechanism failure that can be exploited by malicious users with access to startup code and System Management Mode (SMM). Exploitation has high attack complexity, but it requires neither special internal knowledge nor user interaction. A successful attack can compromise the confidentiality, integrity, and availability of the affected system.

Affected Version(s)

Slim Bootloader: See references

References

CVSS V4

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved
