Intel(R) One Boot Flash Update (Intel(R) Ofu) Software
Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:intel(r)_one_boot_flash_update_(intel(r)_ofu)_software:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Intel(R) One Boot Flash Update (Intel(R) Ofu) Software (3dd9f4d2-f741-5c7f-970d-303ae582c077) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-27711 |
vulnerable | 2026-06-08 07:14:55.467393 |
Details available
MEDIUM (6.7)
Incorrect default permissions for some Intel(R) One Boot Flash Update (Intel(R) OFU) software before version 14.1.31 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
Published: 2025-11-11T16:50:24.723Z
Updated: 2025-11-14T17:37:52.472Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-25059 |
vulnerable | 2026-06-08 07:12:50.598999 |
Details available
MEDIUM (6.7)
Uncontrolled search path for some Intel(R) One Boot Flash Update (Intel(R) OFU) software before version 14.1.31 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
Published: 2025-11-11T16:50:09.860Z
Updated: 2025-11-12T20:01:14.840Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.