Security Bulletins
Thursday, April 16, 2026

Security Advisory: Security Update Regarding Intel Processor Vulnerability (2025.3 IPU)

SA: Aivres-SA-202604001

Initial Release: 04/16/2026

Source: This vulnerability was discovered by Intel.

Potential Security Impact: Privilege Escalation, Information Disclosure, Denial of Service


Vulnerability Summary:

CVE-2025-20053
Improper buffer restrictions for some Intel Xeon Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.

CVE-2025-24305
Insufficient control flow management in the Alias Checking Trusted Module (ACTM) firmware for some Intel Xeon processors may allow a privileged user to potentially enable escalation of privilege via local access.

CVE-2025-21090
Missing reference to active allocated resource for some Intel Xeon processors may allow an authenticated user to potentially enable denial of service via local access.

Fixed Product Version:

Product     BIOS Update Version
KR1270V2    06.09.01
KR1280V2    06.09.01
KR2266V2    06.09.01
KR2280V2    06.10.00
KR2460V2    06.09.01
KR4266V2    06.09.01
KR4268V2    06.09.01
KR4276V2    06.10.00
KR4480V2    06.09.01
KR6688V2    06.09.01
KR6298V2    06.09.01
KR6880V2    06.09.02

Resolution:

Download the BIOS fix for your specific product model, perform the BIOS update, and restart the system for the changes to take effect.
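
To find which systems still need the update, the fixed-version table above can be checked against a host inventory; the following is an added example, not Aivres or Intel code. It assumes hosts report BIOS versions in the same dotted numeric form as the table and that a version at or above the listed one contains the fix. The CSV layout, host names and status labels are hypothetical.

```python
import csv
import io

# Fixed BIOS version per product, copied from the advisory table.
FIXED_BIOS = {
    "KR1270V2": "06.09.01", "KR1280V2": "06.09.01", "KR2266V2": "06.09.01",
    "KR2280V2": "06.10.00", "KR2460V2": "06.09.01", "KR4266V2": "06.09.01",
    "KR4268V2": "06.09.01", "KR4276V2": "06.10.00", "KR4480V2": "06.09.01",
    "KR6688V2": "06.09.01", "KR6298V2": "06.09.01", "KR6880V2": "06.09.02",
}

# Constructed inventory export; host names and column names are hypothetical.
SAMPLE_INVENTORY = """host,model,bios
srv-01,KR2280V2,06.09.01
srv-02,KR2280V2,06.10.00
srv-03,KR6880V2,06.09.01
srv-04,kr1270v2,6.10.0
srv-05,KR9999V9,01.00.00
srv-06,KR4276V2,unknown
"""

def parse_version(text):
    """Turn '06.09.01' into (6, 9, 1) so fields compare numerically, not as text."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable BIOS version: {text!r}")
    return tuple(int(p) for p in parts)

def audit(inventory_csv):
    """Return (host, model, bios, status) for every row of the inventory."""
    results = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        model, bios = row["model"].strip().upper(), row["bios"].strip()
        fixed = FIXED_BIOS.get(model)
        if fixed is None:
            status = "not-listed"        # product is not in this advisory
        else:
            try:
                # Assumption: versions at or above the listed one include the fix.
                ok = parse_version(bios) >= parse_version(fixed)
                status = "fixed" if ok else "update-required"
            except ValueError:
                status = "unknown-version"   # needs a manual check
        results.append((row["host"], model, bios, status))
    return results

if __name__ == "__main__":
    for host, model, bios, status in audit(SAMPLE_INVENTORY):
        print(f"{host:8} {model:10} {bios:10} {status}")
```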

Revision History:

Version 1 – 15 April 2026 Initial release

Reference links:

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html

Declaration:

Aivres shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided “as is” without warranty of any kind. To the extent permitted by law, Aivres disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement. In no event shall Aivres or any of its directly or indirectly controlled subsidiaries or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. Your use of the document, by whatsoever means, will be totally at your own risk. Aivres is entitled to amend or update this document from time to time.