Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-20068 (GCVE-0-2025-20068)
Vulnerability from cvelistv5 – Published: 2026-03-10 22:49 – Updated: 2026-03-12 03:55
VLAI
EPSS
Summary
Improper input validation in the UEFI ImcErrorHandler module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
Severity
CWE
- Escalation of Privilege
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
1 product
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20068",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-11T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T03:55:38.018Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in the UEFI ImcErrorHandler module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T22:49:19.979Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01234.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01234.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-20068",
"datePublished": "2026-03-10T22:49:19.979Z",
"dateReserved": "2024-10-10T03:00:11.168Z",
"dateUpdated": "2026-03-12T03:55:38.018Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-20068",
"date": "2026-05-29",
"epss": "0.00039",
"percentile": "0.121"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-20068\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2026-03-10T23:16:42.100\",\"lastModified\":\"2026-03-11T13:52:47.683\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper input validation in the UEFI ImcErrorHandler module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.\"},{\"lang\":\"es\",\"value\":\"La validaci\u00f3n de entrada incorrecta en el m\u00f3dulo UEFI ImcErrorHandler para algunas plataformas de referencia Intel(R) puede permitir una escalada de privilegios. Un adversario de software del sistema con un usuario privilegiado combinado con un ataque de alta complejidad puede habilitar la escalada de privilegios. Este resultado puede ocurrir potencialmente a trav\u00e9s de acceso local cuando los requisitos de ataque est\u00e1n presentes sin conocimiento interno especial y no requiere interacci\u00f3n del usuario. La vulnerabilidad potencial puede impactar la confidencialidad (alta), integridad (alta) y disponibilidad (alta) del sistema vulnerable, resultando en impactos subsiguientes en la confidencialidad (ninguna), integridad (ninguna) y disponibilidad (ninguna) del sistema.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"secure@intel.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"secure@intel.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"references\":[{\"url\":\"https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01234.html\",\"source\":\"secure@intel.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-20068\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-11T13:50:58.816210Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-11T13:51:03.246Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 7.1, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"HIGH\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.\", \"versions\": [{\"status\": \"affected\", \"version\": \"See references\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01234.html\", \"name\": \"https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01234.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Improper input validation in the UEFI ImcErrorHandler module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"Escalation of Privilege\"}, {\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"shortName\": \"intel\", \"dateUpdated\": \"2026-03-10T22:49:19.979Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-20068\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-12T03:55:38.018Z\", \"dateReserved\": \"2024-10-10T03:00:11.168Z\", \"assignerOrgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"datePublished\": \"2026-03-10T22:49:19.979Z\", \"assignerShortName\": \"intel\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2026-AVI-0261
Vulnerability from certfr_avis - Published: 2026-03-11 - Updated: 2026-03-11
De multiples vulnérabilités ont été découvertes dans les produits Intel. Elles permettent à un attaquant de provoquer une élévation de privilèges et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Intel | les processeurs Intel | Intel Xeon D processor Family | ||
| Intel | les processeurs Intel | Intel Core X-series Processors | ||
| Intel | les processeurs Intel | 8th Generation Intel Core Processor Family | ||
| Intel | les processeurs Intel | Intel Atom Processor X Series | ||
| Intel | les processeurs Intel | Intel Xeon W processor 2200 series | ||
| Intel | les processeurs Intel | Intel Xeon Scalable processor family | ||
| Intel | les processeurs Intel | Intel Atom Processors | ||
| Intel | les processeurs Intel | Intel Xeon 6 | ||
| Intel | les processeurs Intel | Intel Atom C5000 and P5000 Product Family | ||
| Intel | les processeurs Intel | 10th Generation Intel Core Processor Family | ||
| Intel | les processeurs Intel | Intel Xeon W processor 2100 series Intel Core X-series processor | ||
| Intel | les processeurs Intel | Intel Xeon Processor E7 v3 Family | ||
| Intel | les processeurs Intel | Intel Core Ultra Processors Series 1 | ||
| Intel | les processeurs Intel | 3rd Generation Intel Xeon Scalable Processor Family | ||
| Intel | les processeurs Intel | 7th Generation Intel Core Processor Family | ||
| Intel | les processeurs Intel | Intel Atom C processor Family | ||
| Intel | les processeurs Intel | 9th Generation Intel Core Processor Family | ||
| Intel | les processeurs Intel | Intel Xeon Processor D NS Family | ||
| Intel | les processeurs Intel | 5th Generation Intel Xeon Scalable Processors | ||
| Intel | les processeurs Intel | Intel Core Ultra Processors Series 2 | ||
| Intel | les processeurs Intel | 13th Generation Intel Core Processors | ||
| Intel | les processeurs Intel | 12th Generation Intel Core Processors | ||
| Intel | les processeurs Intel | Intel Xeon E processor family | ||
| Intel | les processeurs Intel | Intel Xeon Processor E5 v4 Family | ||
| Intel | les processeurs Intel | Intel Atom Processors P6000 | ||
| Intel | les processeurs Intel | 2nd Generation Intel Xeon Scalable Processors | ||
| Intel | les processeurs Intel | 1st Generation Intel Xeon Scalable processor | ||
| Intel | les processeurs Intel | 11th Generation Intel Core Processors | ||
| Intel | les processeurs Intel | 4th Generation Intel Xeon Scalable processors | ||
| Intel | les processeurs Intel | Intel Xeon W Processor Family | ||
| Intel | les processeurs Intel | Intel Xeon W processor 3100 series |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Intel Xeon D processor Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Core X-series Processors",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "8th Generation Intel Core Processor Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Atom Processor X Series",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon W processor 2200 series",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon Scalable processor family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Atom Processors",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon 6",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Atom C5000 and P5000 Product Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "10th Generation Intel Core Processor Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon W processor 2100 series\n\nIntel Core X-series processor",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon Processor E7 v3 Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Core Ultra Processors Series 1",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "3rd Generation Intel Xeon Scalable Processor Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "7th Generation Intel Core Processor Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Atom C processor Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "9th Generation Intel Core Processor Family ",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon Processor D NS Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "5th Generation Intel Xeon Scalable Processors",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Core Ultra Processors Series 2",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "13th Generation Intel Core Processors\n\n",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "12th Generation Intel Core Processors",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon E processor family ",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon Processor E5 v4 Family ",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Atom Processors P6000",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "2nd Generation Intel Xeon Scalable Processors",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "1st Generation Intel Xeon Scalable processor",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "11th Generation Intel Core Processors",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "4th Generation Intel Xeon Scalable processors",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon W Processor Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon W processor 3100 series",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-20068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20068"
},
{
"name": "CVE-2025-22850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22850"
},
{
"name": "CVE-2025-20005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20005"
},
{
"name": "CVE-2025-20027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20027"
},
{
"name": "CVE-2025-22444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22444"
},
{
"name": "CVE-2025-20105",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20105"
},
{
"name": "CVE-2025-20073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20073"
},
{
"name": "CVE-2025-20096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20096"
},
{
"name": "CVE-2025-20028",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20028"
},
{
"name": "CVE-2025-20064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20064"
}
],
"initial_release_date": "2026-03-11T00:00:00",
"last_revision_date": "2026-03-11T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0261",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-03-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
"vendor_advisories": [
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-01234",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01234.html"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-01393",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01393.html"
}
]
}
FKIE_CVE-2025-20068
Vulnerability from fkie_nvd - Published: 2026-03-10 23:16 - Updated: 2026-03-11 13:52
Severity
Summary
Improper input validation in the UEFI ImcErrorHandler module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in the UEFI ImcErrorHandler module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
},
{
"lang": "es",
"value": "La validaci\u00f3n de entrada incorrecta en el m\u00f3dulo UEFI ImcErrorHandler para algunas plataformas de referencia Intel(R) puede permitir una escalada de privilegios. Un adversario de software del sistema con un usuario privilegiado combinado con un ataque de alta complejidad puede habilitar la escalada de privilegios. Este resultado puede ocurrir potencialmente a trav\u00e9s de acceso local cuando los requisitos de ataque est\u00e1n presentes sin conocimiento interno especial y no requiere interacci\u00f3n del usuario. La vulnerabilidad potencial puede impactar la confidencialidad (alta), integridad (alta) y disponibilidad (alta) del sistema vulnerable, resultando en impactos subsiguientes en la confidencialidad (ninguna), integridad (ninguna) y disponibilidad (ninguna) del sistema."
}
],
"id": "CVE-2025-20068",
"lastModified": "2026-03-11T13:52:47.683",
"metrics": {
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "secure@intel.com",
"type": "Secondary"
}
]
},
"published": "2026-03-10T23:16:42.100",
"references": [
{
"source": "secure@intel.com",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01234.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "secure@intel.com",
"type": "Primary"
}
]
}
GHSA-MC63-264H-5QH2
Vulnerability from github – Published: 2026-03-11 00:31 – Updated: 2026-03-11 00:31
VLAI
Details
Improper input validation in the UEFI ImcErrorHandler module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
Severity
{
"affected": [],
"aliases": [
"CVE-2025-20068"
],
"database_specific": {
"cwe_ids": [
"CWE-20"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-10T23:16:42Z",
"severity": "HIGH"
},
"details": "Improper input validation in the UEFI ImcErrorHandler module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.",
"id": "GHSA-mc63-264h-5qh2",
"modified": "2026-03-11T00:31:35Z",
"published": "2026-03-11T00:31:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20068"
},
{
"type": "WEB",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01234.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
WID-SEC-W-2026-0666
Vulnerability from csaf_certbund - Published: 2026-03-10 23:00 - Updated: 2026-05-27 22:00Summary
Intel IPU, UEFI Reference Firmware: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Die Firmware ist eine in die Geräte fest eingebettete Software, die dort grundlegende Funktionen leistet.
Angriff: Ein lokaler Angreifer kann mehrere Schwachstellen in Intel Firmware ausnutzen, um vertrauliche Informationen offenzulegen oder erhöhte Berechtigungen zu erlangen
Betroffene Betriebssysteme: - BIOS/Firmware
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
HPE Synergy
HPE
|
cpe:/h:hpe:synergy:-
|
— | |
|
Intel Firmware IPU UEFI Reference
Intel / Firmware
|
cpe:/a:intel:firmware:ipu_uefi_reference
|
IPU UEFI Reference | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
F5 F5OS
F5
|
cpe:/o:f5:f5os:-
|
— |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
HPE Synergy
HPE
|
cpe:/h:hpe:synergy:-
|
— | |
|
Intel Firmware IPU UEFI Reference
Intel / Firmware
|
cpe:/a:intel:firmware:ipu_uefi_reference
|
IPU UEFI Reference | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
F5 F5OS
F5
|
cpe:/o:f5:f5os:-
|
— |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
HPE Synergy
HPE
|
cpe:/h:hpe:synergy:-
|
— | |
|
Intel Firmware IPU UEFI Reference
Intel / Firmware
|
cpe:/a:intel:firmware:ipu_uefi_reference
|
IPU UEFI Reference | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
F5 F5OS
F5
|
cpe:/o:f5:f5os:-
|
— |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
HPE Synergy
HPE
|
cpe:/h:hpe:synergy:-
|
— | |
|
Intel Firmware IPU UEFI Reference
Intel / Firmware
|
cpe:/a:intel:firmware:ipu_uefi_reference
|
IPU UEFI Reference | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
F5 F5OS
F5
|
cpe:/o:f5:f5os:-
|
— |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
HPE Synergy
HPE
|
cpe:/h:hpe:synergy:-
|
— | |
|
Intel Firmware IPU UEFI Reference
Intel / Firmware
|
cpe:/a:intel:firmware:ipu_uefi_reference
|
IPU UEFI Reference | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
F5 F5OS
F5
|
cpe:/o:f5:f5os:-
|
— |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
HPE Synergy
HPE
|
cpe:/h:hpe:synergy:-
|
— | |
|
Intel Firmware IPU UEFI Reference
Intel / Firmware
|
cpe:/a:intel:firmware:ipu_uefi_reference
|
IPU UEFI Reference | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
F5 F5OS
F5
|
cpe:/o:f5:f5os:-
|
— |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
HPE Synergy
HPE
|
cpe:/h:hpe:synergy:-
|
— | |
|
Intel Firmware IPU UEFI Reference
Intel / Firmware
|
cpe:/a:intel:firmware:ipu_uefi_reference
|
IPU UEFI Reference | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
F5 F5OS
F5
|
cpe:/o:f5:f5os:-
|
— |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
HPE Synergy
HPE
|
cpe:/h:hpe:synergy:-
|
— | |
|
Intel Firmware IPU UEFI Reference
Intel / Firmware
|
cpe:/a:intel:firmware:ipu_uefi_reference
|
IPU UEFI Reference | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
F5 F5OS
F5
|
cpe:/o:f5:f5os:-
|
— |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
HPE Synergy
HPE
|
cpe:/h:hpe:synergy:-
|
— | |
|
Intel Firmware IPU UEFI Reference
Intel / Firmware
|
cpe:/a:intel:firmware:ipu_uefi_reference
|
IPU UEFI Reference | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
F5 F5OS
F5
|
cpe:/o:f5:f5os:-
|
— |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
HPE Synergy
HPE
|
cpe:/h:hpe:synergy:-
|
— | |
|
Intel Firmware IPU UEFI Reference
Intel / Firmware
|
cpe:/a:intel:firmware:ipu_uefi_reference
|
IPU UEFI Reference | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
F5 F5OS
F5
|
cpe:/o:f5:f5os:-
|
— |
References
10 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die Firmware ist eine in die Ger\u00e4te fest eingebettete Software, die dort grundlegende Funktionen leistet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Intel Firmware ausnutzen, um vertrauliche Informationen offenzulegen oder erh\u00f6hte Berechtigungen zu erlangen",
"title": "Angriff"
},
{
"category": "general",
"text": "- BIOS/Firmware",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0666 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0666.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0666 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0666"
},
{
"category": "external",
"summary": "Intel Security Advisory INTEL-SA-01393 vom 2026-03-10",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01393.html"
},
{
"category": "external",
"summary": "Intel Security Advisory INTEL-SA-01234 vom 2026-03-10",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01234.html"
},
{
"category": "external",
"summary": "Lenovo Security Advisory LEN-213040 vom 2026-03-10",
"url": "https://support.lenovo.com/us/en/product_security/LEN-213040"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-206 vom 2026-03-10",
"url": "https://www.dell.com/support/kbdoc/de-de/000320878/dsa-2025-206"
},
{
"category": "external",
"summary": "HP Security Bulletin HPESBHF05028 vom 2026-03-11",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf05028en_us\u0026docLocale=en_US"
},
{
"category": "external",
"summary": "F5 Security Advisory K000160902 vom 2026-04-21",
"url": "https://my.f5.com/manage/s/article/K000160902"
},
{
"category": "external",
"summary": "HP Security Bulletin HPSBHF04116 vom 2026-05-20",
"url": "https://support.hp.com/us-en/document/ish_14921729-14921766-16/HPSBHF04116"
},
{
"category": "external",
"summary": "HP Security Bulletin HPSBHF04100 vom 2026-05-20",
"url": "https://support.hp.com/de-de/document/ish_14446345-14447730-16/HPSBHF04100"
}
],
"source_lang": "en-US",
"title": "Intel IPU, UEFI Reference Firmware: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-05-27T22:00:00.000+00:00",
"generator": {
"date": "2026-05-28T07:26:35.840+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-0666",
"initial_release_date": "2026-03-10T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-03-10T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-04-20T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von F5 aufgenommen"
},
{
"date": "2026-05-21T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2026-05-27T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von HP aufgenommen"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Dell Computer",
"product": {
"name": "Dell Computer",
"product_id": "T043182",
"product_identification_helper": {
"cpe": "cpe:/o:dell:dell_computer:-"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T001663",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
},
{
"category": "product_name",
"name": "F5 F5OS",
"product": {
"name": "F5 F5OS",
"product_id": "1072194",
"product_identification_helper": {
"cpe": "cpe:/o:f5:f5os:-"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"category": "product_name",
"name": "HP Computer",
"product": {
"name": "HP Computer",
"product_id": "T031288",
"product_identification_helper": {
"cpe": "cpe:/h:hp:computer:-"
}
}
}
],
"category": "vendor",
"name": "HP"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE ProLiant",
"product": {
"name": "HPE ProLiant",
"product_id": "T027705",
"product_identification_helper": {
"cpe": "cpe:/h:hp:proliant:-"
}
}
},
{
"category": "product_name",
"name": "HPE Synergy",
"product": {
"name": "HPE Synergy",
"product_id": "T019820",
"product_identification_helper": {
"cpe": "cpe:/h:hpe:synergy:-"
}
}
}
],
"category": "vendor",
"name": "HPE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "IPU UEFI Reference",
"product": {
"name": "Intel Firmware IPU UEFI Reference",
"product_id": "T051493",
"product_identification_helper": {
"cpe": "cpe:/a:intel:firmware:ipu_uefi_reference"
}
}
}
],
"category": "product_name",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Intel"
},
{
"branches": [
{
"category": "product_name",
"name": "Lenovo Computer",
"product": {
"name": "Lenovo Computer",
"product_id": "T036869",
"product_identification_helper": {
"cpe": "cpe:/h:lenovo:computer:-"
}
}
}
],
"category": "vendor",
"name": "Lenovo"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-20005",
"product_status": {
"known_affected": [
"T036869",
"T031288",
"T019820",
"T051493",
"T027705",
"T043182",
"T001663",
"1072194"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2025-20005"
},
{
"cve": "CVE-2025-20027",
"product_status": {
"known_affected": [
"T036869",
"T031288",
"T019820",
"T051493",
"T027705",
"T043182",
"T001663",
"1072194"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2025-20027"
},
{
"cve": "CVE-2025-20028",
"product_status": {
"known_affected": [
"T036869",
"T031288",
"T019820",
"T051493",
"T027705",
"T043182",
"T001663",
"1072194"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2025-20028"
},
{
"cve": "CVE-2025-20064",
"product_status": {
"known_affected": [
"T036869",
"T031288",
"T019820",
"T051493",
"T027705",
"T043182",
"T001663",
"1072194"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2025-20064"
},
{
"cve": "CVE-2025-20068",
"product_status": {
"known_affected": [
"T036869",
"T031288",
"T019820",
"T051493",
"T027705",
"T043182",
"T001663",
"1072194"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2025-20068"
},
{
"cve": "CVE-2025-20073",
"product_status": {
"known_affected": [
"T036869",
"T031288",
"T019820",
"T051493",
"T027705",
"T043182",
"T001663",
"1072194"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2025-20073"
},
{
"cve": "CVE-2025-20096",
"product_status": {
"known_affected": [
"T036869",
"T031288",
"T019820",
"T051493",
"T027705",
"T043182",
"T001663",
"1072194"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2025-20096"
},
{
"cve": "CVE-2025-20105",
"product_status": {
"known_affected": [
"T036869",
"T031288",
"T019820",
"T051493",
"T027705",
"T043182",
"T001663",
"1072194"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2025-20105"
},
{
"cve": "CVE-2025-22444",
"product_status": {
"known_affected": [
"T036869",
"T031288",
"T019820",
"T051493",
"T027705",
"T043182",
"T001663",
"1072194"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2025-22444"
},
{
"cve": "CVE-2025-22850",
"product_status": {
"known_affected": [
"T036869",
"T031288",
"T019820",
"T051493",
"T027705",
"T043182",
"T001663",
"1072194"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2025-22850"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…