Intel(R) Reference Platforms May Allow Escalation of Privilege

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.1

Intel(R) Reference Platforms May Allow Escalation of Privilege

CVE-2025-20028

Summary

A flaw in Intel(R) reference platforms for some systems may allow an attacker with administrative access to gain even more power on the system. This could potentially lead to unauthorized changes or data theft. Affected system owners should check with Intel for updates and patches to fix this issue.

Original title

Original description

Time-of-check time-of-use race condition in the WheaERST SMM module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

nvd CVSS4.0 7.1

Vulnerability type

CWE-367

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01234.html

Published: 10 Mar 2026 · Updated: 14 Mar 2026 · First seen: 10 Mar 2026