#VU109427 Uncaught Exception in Intel products - CVE-2025-20054

Vulnerability identifier: #VU109427

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-20054

CWE-ID: CWE-248

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
12th Generation Intel Core Processors
Intel Pentium Gold Processor Series
Intel Celeron Processors
Intel Core Ultra family
5th Generation Intel Xeon Scalable processors
Intel Xeon W Processors
Intel Xeon E Processors
13th Generation Intel Core Processors
14th Generation Intel Core Processors
Intel Xeon CPU Max Series processors
4th Generation Intel Xeon Scalable Processors
4th Generation Intel Xeon Platinum processors
4th Generation Intel Xeon Gold Processors
4th Generation Intel Xeon Silver Processors
4th Generation Intel Xeon Bronze Processors
Intel Core Ultra 200S Series Processor
5th Generation Intel Xeon Platinum processor
5th Generation Intel Xeon Gold Processor
5th Generation Intel Xeon Silver Processor
5th Generation Intel Xeon Bronze Processor
Intel Core Ultra Processors Series 2

Software vendor:
Intel

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an uncaught exception in the core management mechanism for some Intel Processors. A local user can perform a denial of service (DoS) attack.

Install updates from vendor's website.

• https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01244.html