CVE-2025-20077

Summary

Missing release of memory after effective lifetime in the UEFI OobRasMmbiHandlerDriver module for some Intel(R) reference server platforms may allow a privileged user to enable denial of service via local access.

Affected Software

VendorProductVersion RangeStatus
n/aIntel(R) reference server platformsSee referencesaffected

Weaknesses

  • Denial of Service
  • CWE-401: Missing Release of Memory after Effective Lifetime

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References