Medium
CVSS 6.0
Overview
Observable timing discrepancy in firmware for some Intel(R) CSME and Intel(R) SPS may allow a privileged user to potentially enable information disclosure via local access.
CVE-2025-20067
Observable timing discrepancy in firmware for some Intel(R) CSME and Intel(R) SP...
Risk analysis
This vulnerability is rated 🟡 MEDIUM.
- CVSS: 6.0 (MEDIUM)
- Detected tags: info_leak (tag impact: LOW)
Recommended actions:
- Reduce verbose errors, remove debug endpoints, minimize PII in logs.