Improper input validation in Intel(r) Reference Platforms May Allow An Escalation Of Privilege. System Software Adversary With A Privileged User Combined High Complexity Attack Enable This Result Potentially Occur Via Local Access When Requirements Are Present Without Special Internal Knowledge And Requires No Interaction. The Potential Vulnerability Impact Confidentiality (High), Integrity (High) Availability Vulnerable System, Resulting In Subsequent (None), (None) Impacts.

CVE-2025-20027

Improper input validation in the UEFI WheaERST module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.000 (12.0th percentile) — read the EPSS interpretation.

Affected products

N/a Intel(r) Reference Platforms May Allow An Escalation Of Privilege. System Software Adversary With A Privileged User Combined High Complexity Attack Enable This Result Potentially Occur Via Local Access When Requirements Are Present Without Special Internal Knowledge And Requires No Interaction. The Potential Vulnerability Impact Confidentiality (High), Integrity (High) Availability Vulnerable System, Resulting In Subsequent (None), (None) Impacts. — versions See references

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01234.html