CVE-2025-58770 – CVE-2025-58770 is a BIOS vulnerability in AMI A... (How to Fix)

Q: What is the severity of CVE-2025-58770?

CVE-2025-58770 has a CVSS score of 8.8 (HIGH). CVE-2025-58770 is a BIOS vulnerability in AMI APTIOV firmware that allows local attackers to bypass permission checks and escalate privileges. This affects systems with vulnerable AMI BIOS implementations, potentially compromising system integrity and availability. The vulnerability requires physical or local access to the target system.

📋 TL;DR

CVE-2025-58770 is a BIOS vulnerability in AMI APTIOV firmware that allows local attackers to bypass permission checks and escalate privileges. This affects systems with vulnerable AMI BIOS implementations, potentially compromising system integrity and availability. The vulnerability requires physical or local access to the target system.

💻 Affected Systems

Products:

Systems with AMI APTIOV BIOS firmware

Versions: Specific versions not detailed in advisory; consult vendor documentation

Operating Systems: All operating systems running on affected hardware

Default Config Vulnerable: ⚠️ Yes

Notes: Affects various OEM systems using AMI APTIOV BIOS. Check with hardware vendor for specific model impact.

📦 What is this software?

Aptio V by Ami

View all CVEs affecting Aptio V →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise with persistent BIOS-level malware installation, rendering the system untrustworthy even after OS reinstallation.

🟠

Likely Case

Local privilege escalation allowing attackers to gain administrative control, install malware, or disable security controls.

🟢

If Mitigated

Limited impact if proper physical security controls prevent unauthorized local access to systems.

🌐 Internet-Facing: LOW - Requires local access, cannot be exploited remotely over network.

🏢 Internal Only: HIGH - Malicious insiders or attackers with physical access can exploit this to gain complete system control.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access and BIOS/UEFI interaction knowledge. No public exploit code available at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: BIOS updates from hardware vendors

Vendor Advisory: https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025009.pdf

Restart Required: Yes

Instructions:

1. Contact hardware vendor for BIOS update. 2. Download appropriate BIOS update for your system model. 3. Follow vendor's BIOS update procedure. 4. Reboot system to apply update. 5. Verify BIOS version after update.

🔧 Temporary Workarounds

Physical Security Controls

all

Restrict physical access to systems to prevent local exploitation

BIOS Password Protection

all

Enable BIOS/UEFI password to restrict unauthorized BIOS access

🧯 If You Can't Patch

Implement strict physical security controls and access monitoring
Isolate affected systems in secure areas with limited personnel access

🔍 How to Verify

Check if Vulnerable:

Check BIOS version against vendor's vulnerability list or run: wmic bios get smbiosbiosversion (Windows) or dmidecode -s bios-version (Linux)

Check Version:

Windows: wmic bios get smbiosbiosversion | Linux: dmidecode -s bios-version

Verify Fix Applied:

Verify BIOS version after update matches vendor's patched version

📡 Detection & Monitoring

Log Indicators:

BIOS/UEFI configuration changes
Unauthorized physical access logs
Unexpected system reboots into BIOS

Network Indicators:

Not applicable - local exploit only

SIEM Query:

Search for BIOS/UEFI access events or physical security system alerts for unauthorized access

📊 Metadata

CVE ID: CVE-2025-58770

CVSS v3 Score: 8.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE: CWE-280

EPSS Score: 0.01% exploit probability (1.8th percentile)

Published: December 12, 2025

Last Updated: January 12, 2026

🔗 References

https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025009.pdf Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-58770, you might also want to check these: