Main Vulnerability Database SB2025051563

SB2025051563 - Privilege escalation in Intel Core Ultra Processors CNVi

Published: May 15, 2025

Security Bulletin ID SB2025051563

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Physical access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper locking (CVE-ID: CVE-2025-20047)

The vulnerability allows an attacker to escalate privileges on the system.

The vulnerability exists due to improper locking in the Intel Integrated Connectivity I/O interface (CNVi) for some Intel Core Ultra Processors. An attacker with physical access to the system can execute arbitrary code with escalated privileges.

Remediation

Install update from vendor's website.

References

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01180.html