CVE-2025-65264 | THREATINT

Description

The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate user-supplied values passed via its IOCTL interface, allowing an attacker to access sensitive information via a crafted request.

PUBLISHED Reserved 2025-11-18 | Published 2026-01-27 | Updated 2026-01-27 | Assigner mitre

References

www.cpuid.com/softwares/cpu-z.html

github.com/cwjchoi01/CVE-2025-65264

cve.org (CVE-2025-65264)

nvd.nist.gov (CVE-2025-65264)

Download JSON