Insufficient Control Flow Management in Intel products - CVE-2024-25565
Published: November 13, 2024
Vulnerability identifier: #VU100417
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-25565
CWE-ID: CWE-691
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Intel
Affected software:
UEFI firmware
Intel 4th Generation Intel Xeon Scalable Processors
Intel 5th Generation Intel Xeon Scalable Processors
UEFI firmware
Intel 4th Generation Intel Xeon Scalable Processors
Intel 5th Generation Intel Xeon Scalable Processors
Detailed vulnerability description
The vulnerability allows a local attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient control flow management. A local attacker can perform a denial of service (DoS) attack.
How to mitigate CVE-2024-25565
Install updates from vendor's website.