CVE-2025-6573
Published: 09 August 2025
Summary
CVE-2025-6573 is a critical-severity Improper Handling of Insufficient Permissions or Privileges (CWE-280) vulnerability attributed to Imagination Technologies (vendor inferred from references). Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 42.9th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-4 (Information Flow Enforcement) and SC-4 (Information in Shared System Resources).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Hardware-enforced separation and policy enforcement mechanisms directly prevent REE kernel software from leaking sensitive TEE information by isolating trusted and untrusted environments.
Protects shared system resources to block unauthorized information transfer from TEE to untrusted REE kernel software, addressing the core leakage mechanism.
Enforces strict information flow control policies between TEE and REE, mitigating improper privilege handling that enables cross-environment data leakage.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
A kernel information leak across the REE-to-TEE boundary directly enables local privilege escalation via exploitation, as well as access to credentials and other sensitive data.
NVD Description
Kernel software installed and running inside an untrusted/rich execution environment (REE) could leak information from the trusted execution environment (TEE).
Deeper analysis
CVE-2025-6573 is a critical vulnerability (CVSS 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) published on 2025-08-09, affecting kernel software installed and running inside an untrusted or rich execution environment (REE). The flaw, classified under CWE-280 (Improper Handling of Insufficient Permissions or Privileges), enables this kernel software to leak sensitive information from the trusted execution environment (TEE). It impacts Imagination Technologies GPU drivers, as detailed in their vulnerability advisory.
Remote, unauthenticated attackers can exploit this vulnerability over the network with low complexity and no user interaction required. Successful exploitation allows high-impact compromise of confidentiality by leaking TEE data, alongside high integrity and availability impacts, potentially enabling data theft, modification, or denial of service within the affected environments.
For mitigation details, including patches or workarounds, refer to the vendor advisory at https://www.imaginationtech.com/gpu-driver-vulnerabilities/.
Details
- CWE(s)