CVE-2025-58770

APTIOV contains a vulnerability in BIOS where a user may cause “Improper Handling of Insufficient Permissions or Privileges” by local access. Successful exploitation of this vulnerability can lead to escalation of authorization and potentially impact Integrity and Availability.

CVSS

No CVSS.

References

Link	Resource
https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025009.pdf

Configurations

No configuration.

History

12 Dec 2025, 15:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-12-12 15:15

Updated : 2025-12-12 15:17

NVD link : CVE-2025-58770

Mitre link : CVE-2025-58770

CVE.ORG link : CVE-2025-58770

JSON object : View

Products Affected

No product.

CWE

CWE-280

Improper Handling of Insufficient Permissions or Privileges

{"id": "CVE-2025-58770", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "biossecurity@ami.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.2, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "PROOF_OF_CONCEPT", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-12-12T15:15:53.827", "references": [{"url": "https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025009.pdf", "source": "biossecurity@ami.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "biossecurity@ami.com", "description": [{"lang": "en", "value": "CWE-280"}]}], "descriptions": [{"lang": "en", "value": "APTIOV contains a vulnerability in BIOS where a user may cause \u201cImproper Handling of Insufficient Permissions or Privileges\u201d by local access. Successful exploitation of this vulnerability can lead to escalation of authorization and potentially impact Integrity and Availability."}], "lastModified": "2025-12-12T15:17:31.973", "sourceIdentifier": "biossecurity@ami.com"}

CVE-2025-58770

JSON object

Attach tags to CVE-2025-58770

Attach tags to `CVE-2025-58770`