Primary

Context

Intel UEFI WheaERST Module Privilege Escalation Vulnerability

Vulnerability

A vulnerability has been identified in the UEFI WheaERST module for certain Intel reference platforms, allowing for improper input validation that may lead to unauthorized privilege escalation. This vulnerability could be exploited by a system software adversary with privileged user access, through a complex attack, potentially via local access, without special internal knowledge or user interaction. The vulnerability could significantly impact the system's confidentiality, integrity, and availability.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing a user to gain elevated rights or access on the system.

Remediation

Users are advised to update to the latest version provided by their system manufacturer that addresses this vulnerability.

Added: Mar 11, 2026, 12:00 AM

Updated: Mar 11, 2026, 12:00 AM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

2.4

remediation

0.0

relevance

3.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

2.4

remediation

0.0

relevance

3.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Intel UEFI WheaERST Module Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Intel Xeon E

Intel Xeon Scalable

Intel Xeon D

Intel Xeon Processor D

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating