CVE-2025-30185
HIGHDescription
Active debug code for some Intel UEFI reference platforms within Ring 0: Kernel may allow a denial of service and escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable data alteration. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (high) and availability (high) impacts.
Is your site exposed to CVE-2025-30185?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2025-30185? +
How severe is CVE-2025-30185? +
How do I check if I'm vulnerable to CVE-2025-30185? +
Related Vulnerabilities
A vulnerability exists in serial device servers where active debug code remains enabled in the UART interface. An attacker with …
An authenticated admin user with access to both the management WebUI and command line interface on a Firebox can enable …
Hard-coded credentials for the CyberPower PowerPanel test server can be found in the production code. This might result in an …
The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to an authentication bypass vulnerability in the administrative web server. Authentication …
The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to authentication bypass due to hard-coded credentials in the administrative web …
The ai_cmd utility executes with full root permissions. It pipes socket inputs directly to popen(), paving the way for unauthenticated …