Analysis Summary

CVE-2025-21094 CVSS:7.5

Improper input validation in the UEFI firmware DXE module for the Intel(R) Server D50DNP and M50FCP boards may allow a privileged user to potentially enable escalation of privilege via local access.

CVE-2025-20618 CVSS:7.9

Stack-based buffer overflow for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow a privileged user to potentially enable denial of service via local access

CVE-2025-20104 CVSS:7.3

Race condition in some Administrative Tools for some Intel(R) Network Adapters package before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2025-20101 CVSS:8.4

Out-of-bounds read for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable information disclosure or denial of service via local access.

CVE-2025-20100 CVSS:7.5

Improper access control in the memory controller configurations for some Intel(R) Xeon(R) 6 processor with E-cores may allow a privileged user to potentially enable escalation of privilege via local access.

Impact

• Privilege Escalation
• Denial of Service

Indicators of Compromise

CVE

• CVE-2025-21094

• CVE-2025-20618

• CVE-2025-20104

• CVE-2025-20101

• CVE-2025-20100

Affected Vendors

Affected Products

• Intel(R) Server D50DNP and M50FCP boards
• Intel(R) PROSet/Wireless WiFi Software
• Intel(R) Network Adapters
• Intel(R) Graphics Drivers
• Intel(R) Xeon(R) 6 processor

Remediation

Upgrade to the latest version, available from the Intel Website.

CVE-2025-21094

CVE-2025-20618

CVE-2025-20104

CVE-2025-20101

CVE-2025-20100