Severity
High
Analysis Summary
CVE-2025-21094 CVSS:7.5
Improper input validation in the UEFI firmware DXE module for the Intel(R) Server D50DNP and M50FCP boards may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2025-20618 CVSS:7.9
Stack-based buffer overflow for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow a privileged user to potentially enable denial of service via local access
CVE-2025-20104 CVSS:7.3
Race condition in some Administrative Tools for some Intel(R) Network Adapters package before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2025-20101 CVSS:8.4
Out-of-bounds read for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable information disclosure or denial of service via local access.
CVE-2025-20100 CVSS:7.5
Improper access control in the memory controller configurations for some Intel(R) Xeon(R) 6 processor with E-cores may allow a privileged user to potentially enable escalation of privilege via local access.
Impact
- Privilege Escalation
- Denial of Service
Indicators of Compromise
CVE
CVE-2025-21094
CVE-2025-20618
CVE-2025-20104
CVE-2025-20101
CVE-2025-20100
Affected Vendors
Affected Products
- Intel(R) Server D50DNP and M50FCP boards
- Intel(R) PROSet/Wireless WiFi Software
- Intel(R) Network Adapters
- Intel(R) Graphics Drivers
- Intel(R) Xeon(R) 6 processor
Remediation
Upgrade to the latest version, available from the Intel Website.