VYPR

Server Firmware Update Utility

by Intel

CVEs (7)

  • CVE-2025-25210HigFeb 10, 2026
    risk 0.53cvss 8.2epss 0.00

    Improper input validation for some Server Firmware Update Utility(SysFwUpdt) before version 16.0.12 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation…

  • CVE-2025-22453HigFeb 10, 2026
    risk 0.49cvss 7.5epss 0.00

    Improper input validation for some Server Firmware Update Utility(SysFwUpdt) before version 16.0.12 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local…

  • CVE-2025-35999MedFeb 10, 2026
    risk 0.44cvss 6.7epss 0.00

    Incorrect permission assignment for critical resource for some System Firmware Update Utility (SysFwUpdt) for Intel(R) Server Boards and Intel(R) Server Systems Based before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software…

  • CVE-2025-24918MedNov 11, 2025
    risk 0.44cvss 6.7epss 0.00

    Improper link resolution before file access ('link following') for some Intel(R) Server Configuration Utility software and Intel(R) Server Firmware Update Utility software before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System…

  • CVE-2023-22841MedAug 11, 2023
    risk 0.44cvss 6.7epss 0.00

    Unquoted search path in the software installer for the System Firmware Update Utility (SysFwUpdt) for some Intel(R) Server Boards and Intel(R) Server Systems Based on Intel(R) 621A Chipset before version 16.0.7 may allow an authenticated user to potentially enable escalation of…

  • CVE-2025-35969MedMay 12, 2026
    risk 0.35cvss epss 0.00

    Uncontrolled search path for some Intel(R) Server Firmware Update Utility Software before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may…

  • CVE-2024-2209Mar 26, 2024
    risk 0.00cvss epss 0.00

    A user with administrative privileges can create a compromised dll file of the same name as the original dll within the HP printer’s Firmware Update Utility (FUU) bundle and place it in the Microsoft Windows default downloads directory which can lead to potential arbitrary…