Integer Overflow Vulnerability in Slim Bootloader UEFI Firmware by Intel
CVE-2026-20753
Key Information:
- Vendor
Intel
- Vendor
- CVE Published:
- 12 May 2026
What is CVE-2026-20753?
The Intel Slim Bootloader's UEFI firmware has a vulnerability due to an integer overflow which can allow an adversary with privileged access to escalate privileges. This vulnerability permits local code execution without requiring user interaction. Attackers with local access can exploit this issue, utilizing techniques that demand low complexity. The implications of this vulnerability can severely affect the confidentiality, integrity, and availability of the affected systems.
Affected Version(s)
Slim Bootloader may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (high) and availability (high) impacts. See references