CVE-2025-32086 is a hardware/firmware privilege escalation vulnerability affecting some Intel Xeon 6 processors on the Birch Stream server platform when Intel SGX or Intel TDX is in use. According to the provided content, the flaw is caused by an improperly implemented security check in the DDRIO configuration path. This weakness can allow a privileged local user to bypass intended security validation associated with DDRIO operation in environments using SGX enclaves or TDX trust domains, potentially undermining isolation guarantees and enabling escalation of privilege. Intel rated the issue High under CVSS v3.1 (7.2).
Mallory correlates every CVE against your assets, your vendors, and active adversary campaigns. Know which vulnerabilities matter for you, not just which ones are loud.
What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.
What an attacker gets, and what they’ve been doing with it.
If you can’t patch tonight, do this now.
Patch, then assume compromise.
No public exploits tracked yet. Mallory keeps watching.
No public exploit code observed for this vulnerability.
2 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
An improperly implemented security check in the DDRIO configuration of some Intel Xeon 6 processors when using Intel SGX or Intel TDX that may allow local privilege escalation by a privileged user.
A high-severity privilege escalation vulnerability in Intel Xeon 6 processors involving DDRIO configuration when Intel SGX or Intel TDX is enabled, potentially allowing a privileged local user to circumvent isolation protections for secure enclaves or trust domains.
Query your assets running an affected version, and investigate the blast radius.
Every observed campaign linking this CVE to a named adversary.
Malware families riding this exploit, with evidence and IOCs.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Cross-references every affected SKU, including bundled OEM variants.
Community discussion across Reddit, Mastodon, and other social sources.