CVE-2025-58770 — Improper Handling of Insufficient Permissions or Privileges in Aptiov

CWE-280 — Improper Handling of Insufficient Permissions or Privileges3 documents3 sources

Severity

7.2HIGHNVD

EPSS

0.0%

top 95.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

AMI Aptiov AMI Aptio V

Timeline

PublishedDec 12

Description

APTIOV contains a vulnerability in BIOS where a user may cause “Improper Handling of Insufficient Permissions or Privileges” by local access. Successful exploitation of this vulnerability can lead to escalation of authorization and potentially impact Integrity and Availability.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H

Affected Packages2 packages

▶CVEListV5ami/aptiovAptioV_5.0 — AptioV_5.041

▶NVDami/aptio_v5.0 — 5.041

🔴Vulnerability Details

CVEList

TCG2 TPM RT Not Locked Issue↗2025-12-12

▶

GHSA

GHSA-5gw4-7cfm-h82q: APTIOV contains a vulnerability in BIOS where a user may cause “Improper Handling of Insufficient Permissions or Privileges” by local access↗2025-12-12

▶