Cyber Resilience

CVE-2025-30513

High

Published: 10 February 2026

Published
10 February 2026
Modified
15 April 2026
KEV Added
Patch
CVSS Score v4 8.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0012 2.3th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2025-30513 is a high-severity Race Condition (CWE-362) vulnerability in Intel (inferred from references). Its CVSS base score is 8.3 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 2.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-25 (Reference Monitor) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-30513 is a race condition vulnerability (CWE-362) in some TDX Module within Ring 0, which may enable escalation of privilege in affected hypervisors. Published on 2026-02-10, it carries a CVSS v3.1 base score of 7.9 (AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N) and impacts confidentiality (high) and integrity (high), with no availability impact.

A system software adversary with privileged user access can exploit this via local access using a low-complexity attack that requires no user interaction and special internal knowledge. Successful exploitation allows escalation of privilege in the hypervisor, potentially compromising the vulnerable system's confidentiality and integrity due to the changed scope.

Mitigation details are available in the Intel Security Advisory at https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01397.html.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Race condition for some TDX Module within Ring 0: Hypervisor may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via…

more

local access when attack requirements are not present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1611 Escape to Host Privilege Escalation
Adversaries may break out of a container or virtualized environment to gain access to the underlying host.
Why these techniques?

Race condition in Ring-0 TDX hypervisor module directly enables local privilege escalation (T1068) with scope change, facilitating hypervisor escape (T1611).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-43275Shared CWE-362
CVE-2026-31516Shared CWE-362
CVE-2026-20853Shared CWE-362
CVE-2026-23004Shared CWE-362
CVE-2026-31761Shared CWE-362
CVE-2026-23271Shared CWE-362
CVE-2026-20934Shared CWE-362
CVE-2025-68956Shared CWE-362
CVE-2026-20848Shared CWE-362
CVE-2026-20930Shared CWE-362

Affected Assets

Intel
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires timely flaw remediation including vendor patches for the specific race condition in the TDX module, directly preventing privilege escalation exploitation.

prevent

Implements a reference monitor to mediate all hypervisor accesses, countering race condition-based privilege escalations in Ring 0.

prevent

Enforces process isolation to mitigate race conditions that enable interference leading to privilege escalation within the hypervisor.

References