Vulnerability in Intel(r) Reference Platforms May Allow An Information Disclosure. System Software Adversary With A Privileged User Combined High Complexity Attack Enable Data Exposure. This Result Potentially Occur Via Local Access When Requirements Are Not Present Without Special Internal Knowledge And Requires No Interaction. The Potential Vulnerability Impact Confidentiality (High), Integrity (None) Availability Of Vulnerable System, Resulting In Subsequent (None), Impacts.

CVE-2025-22850

Time-of-check time-of-use race condition in the UEFI PdaSmm module for some Intel(R) reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enabl…

Vulnerability class: TOCTOU (Time-of-Check to Time-of-Use)

EPSS: 0.000 (3.4th percentile) — read the EPSS interpretation.

Affected products

N/a Intel(r) Reference Platforms May Allow An Information Disclosure. System Software Adversary With A Privileged User Combined High Complexity Attack Enable Data Exposure. This Result Potentially Occur Via Local Access When Requirements Are Not Present Without Special Internal Knowledge And Requires No Interaction. The Potential Vulnerability Impact Confidentiality (High), Integrity (None) Availability Of Vulnerable System, Resulting In Subsequent (None), Impacts. — versions See references

Weakness classification (CWE)

CWE-367 — Time-of-check Time-of-use (TOCTOU) Race Condition

References

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01234.html