Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:intel(r)_processor_family_may_allow_an_escalation_of_privilege._startup_code_and_smm_adversary_with_a_privileged_user_combined_with_a_high_complexity_attack_may_enable_escalation_of_privilege._this_result_may_potentially_occur_via_local_access_when_attack_requirements_are_present_with_special_internal_knowledge_and_requires_no_user_interaction._the_potential_vulnerability_may_impact_the_confidentiality_(low),_integrity_(low)_and_availability_(none)_of_the_vulnerable_system,_resulting_in_subsequent_system_confidentiality_(low),_integrity_(low)_and_availability_(none)_impacts.:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductIntel(R) Processor Family May Allow An Escalation Of Privilege. Startup Code And Smm Adversary With A Privileged User Combined With A High Complexity Attack May Enable Escalation Of Privilege. This Result May Potentially Occur Via Local Access When Attack Requirements Are Present With Special Internal Knowledge And Requires No User Interaction. The Potential Vulnerability May Impact The Confidentiality (Low), Integrity (Low) And Availability (None) Of The Vulnerable System, Resulting In Subsequent System Confidentiality (Low), Integrity (Low) And Availability (None) Impacts. (65777e57-a512-57c7-a05c-5a6c678e3f14)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-31648 vulnerable 2026-06-08 07:18:58.305729 Details available
LOW (3.9)
Improper handling of values in the microcode flow for some Intel(R) Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (low) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (low), integrity (low) and availability (none) impacts.
Published: 2026-02-10T16:25:36.350Z
Updated: 2026-02-26T15:04:09.683Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.