CVE-2025-31648Improper Handling of Values in Intel-microcode

CWE-229Improper Handling of Values7 documents7 sources
Severity
1.8LOWNVD
EPSS
0.0%
top 99.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Debian Intel-microcode
Timeline
PublishedFeb 10
Latest updateMar 3

Description

Improper handling of values in the microcode flow for some Intel(R) Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (low) and availabi

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

Affected Packages1 packages

debiandebian/intel-microcode< intel-microcode 3.20260210.1 (forky)

🔴Vulnerability Details

2
GHSA
GHSA-cf43-7r7r-9f4f: Improper handling of values in the microcode flow for some Intel(R) Processor Family may allow an escalation of privilege2026-02-10
OSV
CVE-2025-31648: Improper handling of values in the microcode flow for some Intel(R) Processor Family may allow an escalation of privilege2026-02-10

📋Vendor Advisories

3
Ubuntu
Intel Microcode vulnerability2026-03-03
Red Hat
microcode_ctl: From CVEorg collector2026-02-10
Debian
CVE-2025-31648: intel-microcode - Improper handling of values in the microcode flow for some Intel(R) Processor Fa...2025

🕵️Threat Intelligence

1
Wiz
CVE-2025-31648 Impact, Exploitability, and Mitigation Steps | Wiz