CVE-2025-22833

Description

APTIOV contains a vulnerability in BIOS where an attacker may cause a Buffer Copy without Checking Size of Input by local accessing. Successful exploitation of this vulnerability may lead to arbitrary code execution.

CVSS breakdown

CVSS 4.0

Attack Vector

Local

Attack Complexity

Low

Attack Requirements

Present

Privileges Required

Low

User Interaction

Passive

Confidentiality (Vulnerable System)

Low

Integrity (Vulnerable System)

High

Availability (Vulnerable System)

High

Confidentiality (Subsequent System)

None

Integrity (Subsequent System)

None

Availability (Subsequent System)

None

Affected products

AMI / AptioVAptioV_5.0 – AptioV_5.040

References

VENDOR_ADVISORYhttps://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025008.pdf