Skip to main content

Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

© 2026 Mondoo, Inc.

Log in Get Assessment

Vulnerability IntelligenceCVE-2025-20044

CVE-2025-20044

MEDIUM5.6

Improper locking for some Intel(R) TDX Module firmware before version 1

Published Aug 12, 2025

Modified 1 months ago

Details

Improper locking for some Intel(R) TDX Module firmware before version 1.5.13 may allow a privileged user to potentially enable escalation of privilege via local access.

References

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01245.html

https://www.cve.org/CVERecord?id=CVE-2025-20044

CVSS Analysis

CVSS v4.0

5.6

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

HighAC:H

Attack Requirements

PresentAT:P

Privileges Required

HighPR:H

User Interaction

NoneUI:N

Vulnerable System

Vuln. Confidentiality

NoneVC:N

Vuln. Integrity

HighVI:H

Vuln. Availability

NoneVA:N

Subsequent System

Subseq. Confidentiality

NoneSC:N

Subseq. Integrity

NoneSI:N

Subseq. Availability

NoneSA:N

5.6/CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Weakness Type (CWE)

Other

Ecosystems

Timeline

PublishedAug 12, 2025

ModifiedFeb 26, 2026

CVE-2025-20044 | Mondoo Vulnerability Intelligence