Improper input validation in Intel(r) Reference Platforms May Allow An Escalation Of Privilege. System Software Adversary With A Privileged User Combined High Complexity Attack Enable Local Code Execution. This Result Potentially Occur Via Access When Requirements Are Not Present Without Special Internal Knowledge And Requires No Interaction. The Potential Vulnerability Impact Confidentiality (High), Integrity (High) Availability Vulnerable System, Resulting In Subsequent Impacts.

CVE-2025-20064

Improper input validation in the UEFI FlashUcAcmSmm module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.000 (7.9th percentile) — read the EPSS interpretation.

Affected products

N/a Intel(r) Reference Platforms May Allow An Escalation Of Privilege. System Software Adversary With A Privileged User Combined High Complexity Attack Enable Local Code Execution. This Result Potentially Occur Via Access When Requirements Are Not Present Without Special Internal Knowledge And Requires No Interaction. The Potential Vulnerability Impact Confidentiality (High), Integrity (High) Availability Vulnerable System, Resulting In Subsequent Impacts. — versions See references

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01234.html