CVE-2025-22834

AMI APTIOV contains a vulnerability in BIOS where a user may cause “Improper Initialization” by local accessing. Successful exploitation of this vulnerability may leave the resource in an unexpected state and potentially impact confidentiality, integrity, and availability.

CVSS v3 4.2 MEDIUM

4.2^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.8 / Impact : 3.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025006.pdf	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:o:ami:aptio_v:*:*:*:*:*:*:*:*

History

02 Oct 2025, 14:13

Type	Values Removed	Values Added
Summary		(es) AMI APTIOV contiene una vulnerabilidad en la BIOS que permite que un usuario cause una inicialización incorrecta al acceder localmente. La explotación exitosa de esta vulnerabilidad puede dejar el recurso en un estado inesperado y potencialmente afectar la confidencialidad, la integridad y la disponibilidad.
CPE		cpe:2.3:o:ami:aptio_v::::::::
First Time		Ami aptio V Ami
References	~~() https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025006.pdf -~~	() https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025006.pdf - Vendor Advisory

12 Aug 2025, 14:25

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-12 14:15

Updated : 2025-10-02 14:13

NVD link : CVE-2025-22834

Mitre link : CVE-2025-22834

CVE.ORG link : CVE-2025-22834

JSON object : View

Products Affected

ami

aptio_v

CWE

CWE-665

Improper Initialization

{"id": "CVE-2025-22834", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "biossecurity@ami.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 0.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 1.8}]}, "published": "2025-08-12T14:15:28.063", "references": [{"url": "https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025006.pdf", "tags": ["Vendor Advisory"], "source": "biossecurity@ami.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "biossecurity@ami.com", "description": [{"lang": "en", "value": "CWE-665"}]}], "descriptions": [{"lang": "en", "value": "AMI APTIOV contains a vulnerability in BIOS where a user may cause \u201cImproper Initialization\u201d by local accessing. Successful exploitation of this vulnerability may leave the resource in an unexpected state and potentially impact confidentiality, integrity, and availability."}, {"lang": "es", "value": "AMI APTIOV contiene una vulnerabilidad en la BIOS que permite que un usuario cause una inicializaci\u00f3n incorrecta al acceder localmente. La explotaci\u00f3n exitosa de esta vulnerabilidad puede dejar el recurso en un estado inesperado y potencialmente afectar la confidencialidad, la integridad y la disponibilidad."}], "lastModified": "2025-10-02T14:13:43.570", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ami:aptio_v:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3906693-E026-4920-B9B5-4B6CB22DFC51", "versionEndExcluding": "5.040", "versionStartIncluding": "5.0"}], "operator": "OR"}]}], "sourceIdentifier": "biossecurity@ami.com"}