CVE-2025-22834 - Vulnerability Details - OpenCVE

AMI APTIOV contains a vulnerability in BIOS where a user may cause “Improper Initialization” by local accessing. Successful exploitation of this vulnerability may leave the resource in an unexpected state and potentially impact confidentiality, integrity, and availability.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Ami	Aptio V

No data.

No data.

References

Link	Providers
https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025006.pdf

History

Tue, 12 Aug 2025 20:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Ami Ami aptio V
Vendors & Products		Ami Ami aptio V

Tue, 12 Aug 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 12 Aug 2025 14:15:00 +0000

Type	Values Removed	Values Added
Description		AMI APTIOV contains a vulnerability in BIOS where a user may cause “Improper Initialization” by local accessing. Successful exploitation of this vulnerability may leave the resource in an unexpected state and potentially impact confidentiality, integrity, and availability.
Title		ThirdPartyVideo SetVariable Vulnerability
Weaknesses		CWE-665
References		https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025006.pdf
Metrics		cvssV3_1 `{'score': 4.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L'}`

MITRE

Status: PUBLISHED

Assigner: AMI

Published: 2025-08-12T14:02:14.354Z

Updated: 2025-08-12T14:37:37.856Z

Reserved: 2025-01-08T01:06:44.338Z

Link: CVE-2025-22834

Vulnrichment

Updated: 2025-08-12T14:37:28.596Z

NVD

Status : Awaiting Analysis

Published: 2025-08-12T14:15:28.063

Modified: 2025-08-12T14:25:33.177

Link: CVE-2025-22834

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-22834", "assignerOrgId": "7e9044f1-7f56-4c38-8864-c0c7302263d6", "state": "PUBLISHED", "assignerShortName": "AMI", "dateReserved": "2025-01-08T01:06:44.338Z", "datePublished": "2025-08-12T14:02:14.354Z", "dateUpdated": "2025-08-12T14:37:37.856Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "AptioV", "vendor": "AMI", "versions": [{"lessThanOrEqual": "AptioV_5.040", "status": "affected", "version": "AptioV_5.0", "versionType": "Custom"}]}], "datePublic": "2025-08-12T14:02:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "AMI APTIOV contains a vulnerability in BIOS where a user may cause \u201cImproper Initialization\u201d by local accessing. Successful exploitation of this vulnerability may leave the resource in an unexpected state and potentially impact confidentiality, integrity, and availability."}], "value": "AMI APTIOV contains a vulnerability in BIOS where a user may cause \u201cImproper Initialization\u201d by local accessing. Successful exploitation of this vulnerability may leave the resource in an unexpected state and potentially impact confidentiality, integrity, and availability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-665", "description": "CWE-665 Improper Initialization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7e9044f1-7f56-4c38-8864-c0c7302263d6", "shortName": "AMI", "dateUpdated": "2025-08-12T14:02:14.354Z"}, "references": [{"url": "https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025006.pdf"}], "source": {"discovery": "UNKNOWN"}, "title": "ThirdPartyVideo SetVariable Vulnerability", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-12T14:37:24.005909Z", "id": "CVE-2025-22834", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-12T14:37:37.856Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-22834", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-12T14:37:24.005909Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-12T14:37:28.596Z"}}], "cna": {"title": "ThirdPartyVideo SetVariable Vulnerability", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "AMI", "product": "AptioV", "versions": [{"status": "affected", "version": "AptioV_5.0", "versionType": "Custom", "lessThanOrEqual": "AptioV_5.040"}], "defaultStatus": "unaffected"}], "datePublic": "2025-08-12T14:02:00.000Z", "references": [{"url": "https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025006.pdf"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "AMI APTIOV contains a vulnerability in BIOS where a user may cause \u201cImproper Initialization\u201d by local accessing. Successful exploitation of this vulnerability may leave the resource in an unexpected state and potentially impact confidentiality, integrity, and availability.", "supportingMedia": [{"type": "text/html", "value": "AMI APTIOV contains a vulnerability in BIOS where a user may cause \u201cImproper Initialization\u201d by local accessing. Successful exploitation of this vulnerability may leave the resource in an unexpected state and potentially impact confidentiality, integrity, and availability.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-665", "description": "CWE-665 Improper Initialization"}]}], "providerMetadata": {"orgId": "7e9044f1-7f56-4c38-8864-c0c7302263d6", "shortName": "AMI", "dateUpdated": "2025-08-12T14:02:14.354Z"}}}, "cveMetadata": {"cveId": "CVE-2025-22834", "state": "PUBLISHED", "dateUpdated": "2025-08-12T14:37:37.856Z", "dateReserved": "2025-01-08T01:06:44.338Z", "assignerOrgId": "7e9044f1-7f56-4c38-8864-c0c7302263d6", "datePublished": "2025-08-12T14:02:14.354Z", "assignerShortName": "AMI"}, "dataVersion": "5.1"}