CVE-2023-25756 MEDIUM

CVE-2023-25756

Vendor N/A
Product Intel(R) Processors
Weakness CWE-125
Published November 14, 2023
Last update February 13, 2025

CVSS base score

4.6/10
Attack vector Adjacent
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

What the vulnerability does

01Description

Out-of-bounds read in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via adjacent access.

Key dates

02Disclosure timeline

November 14, 2023 CVE published
February 13, 2025 Record updated