Improper input validation in Intel(r) Reference Platforms May Allow An Escalation Of Privilege. System Software Adversary With A Privileged User Combined Low Complexity Attack Enable Local Code Execution. This Result Potentially Occur Via Access When Requirements Are Present Without Special Internal Knowledge And Requires No Interaction. The Potential Vulnerability Impact Confidentiality (High), Integrity (High) Availability Vulnerable System, Resulting In Subsequent Impacts.

CVE-2025-20105

Improper input validation in some UEFI firmware SMM module for the Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local c…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.000 (14.2th percentile) — read the EPSS interpretation.

Affected products

N/a Intel(r) Reference Platforms May Allow An Escalation Of Privilege. System Software Adversary With A Privileged User Combined Low Complexity Attack Enable Local Code Execution. This Result Potentially Occur Via Access When Requirements Are Present Without Special Internal Knowledge And Requires No Interaction. The Potential Vulnerability Impact Confidentiality (High), Integrity (High) Availability Vulnerable System, Resulting In Subsequent Impacts. — versions See references

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01234.html