CVE-2025-4425

SetupAutomationSmm: Stack overflow vulnerability in SMI handler

Description

The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability. https://support.lenovo.com/us/en/product_security/home

INFO

Published Date :

2025-07-30T00:45:32.592Z

Last Modified :

2025-08-14T05:56:26.016Z

Source :

Insyde

AFFECTED PRODUCTS

The following products are affected by CVE-2025-4425 vulnerability.

Vendors	Products
Insyde	Insydeh2o

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-4425.

URL	Resource
https://support.lenovo.com/us/en/product_security/home
https://www.insyde.com/security-pledge/sa-2025007/

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact