PT-2025-46385 · Intel · Intel(R) Cip
Published
2025-11-11
·
Updated
2025-11-12
·
CVE-2025-24307
CVSS v4.0
2.3
Low
| Vector | AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Intel(R) CIP software versions prior to WIN DCA 2.4.0.11001
Description
A flaw exists in privilege management within some Intel(R) CIP software. This issue, present in Ring 3 User Applications, could allow an unprivileged software adversary with an authenticated user and a high complexity attack to escalate privileges and manipulate data. The potential attack vector is network access, requiring no special internal knowledge or user interaction. The issue may impact the integrity of the system.
Recommendations
Update to version WIN DCA 2.4.0.11001 or later.
Fix
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intel(R) Cip