CVE-2025-22839
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-12

Last updated on: 2025-11-03

Assigner: Intel Corporation

Description
Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-12
Last Modified
2025-11-03
Generated
2026-05-06
AI Q&A
2025-08-12
EPSS Evaluated
2026-05-05
NVD
CVE-2025-22839
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
intel intel_microcode 3.20250812.1~deb11u1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1220 The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets in a system from untrusted agents. However, implemented access controls lack required granularity, which renders the control policy too broad because it allows accesses from unauthorized agents to the security-sensitive assets.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability involves insufficient granularity of access control in the Out-Of-Band Management Subsystem (OOB-MSM) for certain Intel Xeon 6 Scalable processors. It may allow a privileged user to potentially escalate their privileges by accessing adjacent resources that should be restricted.


How can this vulnerability impact me? :

The vulnerability can lead to privilege escalation, meaning a user with some level of privilege could gain higher-level access than intended. This could compromise system security by allowing unauthorized actions or access to sensitive data.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart