TCG2 TPM RT Not Locked Issue_CVE-2025-58770

7.2 / 10

HIGH

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H/E:P

Description

APTIOV contains a vulnerability in BIOS where a user may cause “Improper Handling of Insufficient Permissions or Privileges” by local access. Successful exploitation of this vulnerability can lead to escalation of authorization and potentially impact Integrity and Availability.

Basic Information

ID CVE-2025-58770

Source AMI

Published Dec 12, 2025 at 15:03

Affected Product

Vendor AMI

Product AptioV

Version AptioV_5.0

Affected Versions AMI AptioV AptioV_5.0

CWE Classification

CWE-280

References

go.ami.com /hubfs/Security%20Advisories/2025/AMI-SA-2025009.pdf

{
    "lastseen": "",
    "description": "APTIOV contains a vulnerability in BIOS where a user may cause \u201cImproper Handling of Insufficient Permissions or Privileges\u201d by local access. Successful exploitation of this vulnerability can lead to escalation of authorization and potentially impact Integrity and Availability.",
    "published": "2025-12-12T15:03:16.408Z",
    "modified": "2025-12-12T15:03:16.408Z",
    "type": "cve",
    "title": "TCG2 TPM RT Not Locked Issue",
    "source": "AMI",
    "references": "https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025009.pdf",
    "id": "CVE-2025-58770",
    "bulletinFamily": "",
    "cwe": [
        "CWE-280"
    ],
    "cvelist": null,
    "sourceData": "AMI AptioV AptioV_5.0",
    "sourceHref": "",
    "cvss": {
        "score": 7.2,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "AptioV",
    "version": "AptioV_5.0",
    "vendor": "AMI",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}