Intel disclosed and patched several vulnerabilities affecting Intel Xeon server processors, including firmware and trusted execution flaws that can lead to local privilege escalation and, in one case, denial of service. In advisory INTEL-SA-01313, Intel said CVE-2025-20053 and CVE-2025-24305 affect multiple Xeon families, including 4th and 5th Gen Xeon Scalable, Xeon W2400/W3400, and some Xeon 6 products, with the bugs tied to SGX buffer handling and ACTM firmware control flow. Intel also noted CVE-2025-21090 as a local denial-of-service issue and said the vulnerabilities were discovered internally, with mitigations delivered through firmware updates from system manufacturers.
Intel separately issued INTEL-SA-01367 for Xeon 6 Birch Stream processors, covering CVE-2025-26403 and CVE-2025-32086, two high-severity flaws that affect systems using SGX or TDX and could let a privileged local user escalate privileges through out-of-bounds writes or improper security checks. Related reporting also highlighted additional Xeon 6 risks involving OOB-MSM access control (CVE-2025-22839), TDX memory-range overlap handling (CVE-2025-22889), and instruction-sequence-triggered privilege escalation (CVE-2025-22840), underscoring continued exposure in confidential computing and hardware management features. Intel released microcode and firmware mitigations and advised customers to install the latest updates from their OEM or system vendor.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
5 events from the most recent confirmed update back to the earliest known activity.
F5 issued a product advisory concerning Intel UEFI firmware vulnerability CVE-2025-20105. No further details are provided in the reference synopsis.
HPE published advisory HPESBHF05019 rev.1 for certain HPE SimpliVity servers using certain Intel processors, referencing INTEL-SA-01397 and multiple vulnerabilities involving the 2026.1 IPU and Intel Trust Domain Extensions module. The reference indicates an HPE product impact and vendor response distinct from the previously listed Intel and F5 advisories.
Intel disclosed CVE-2025-26403 and CVE-2025-32086 affecting some Intel Xeon 6 processors when SGX or TDX is in use. Intel rated both issues High under CVSS v3.1, released microcode updates, and said a Trusted Computing Base recovery was planned after public disclosure.
Intel disclosed three vulnerabilities affecting several Intel Xeon processor families: CVE-2025-20053, CVE-2025-24305, and CVE-2025-21090. Intel said the issues were discovered internally and released firmware mitigations through system manufacturers.
Intel disclosed CVE-2025-20037, a TOCTOU race condition in Intel Converged Security and Management Engine firmware, and released patched firmware versions 16.1.38.2676 and 14.1.77.2497. The flaw could enable privilege escalation or security control bypass on affected Intel-based systems.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
14 references tracked. Mallory keeps watching after this page renders.
my.f5.com
Open sourcesupport.hpe.com
Open sourceintel.com
Open sourceintel.com
Open sourcezeropath.com
Open sourcezeropath.com
Open sourcezeropath.com
Open sourcecyber.ee
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.