What the vulnerability does
01Description
Unchecked return value in firmware for some Intel(R) CSME may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
CVSS base score
5.7/10
CVSS vector
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N
Key dates
02Disclosure timeline
August 14, 2024
CVE published
November 3, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-62789 Wazuh vulnerable to NULL pointer dereference in fim_alert line 712
CVE-2022-23476 Unchecked return value from xmlTextReaderExpand in Nokogiri
CVE-2024-50306 Apache Traffic Server: Server process can fail to drop privilege
CVE-2024-8110
CVE-2025-64169 Wazuh NULL pointer dereference in fim_alert line 666
