CVE-2025-20047

Improper locking in the Intel(R) Integrated Connectivity I/O interface (CNVi) for some Intel(R) Core Ultra Processors may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.7 MEDIUM
PHYSICAL
HIGH
NONE
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
intelCNA
5.7 MEDIUM
PHYSICAL
HIGH
NONE
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
Common Weakness Enumeration
References
https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01180.html