PT-2025-46395 · Intel · Intel(R) Cip
Published
2025-11-11
·
Updated
2025-11-11
·
CVE-2025-24847
CVSS v4.0
5.7
Medium
| Vector | AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Intel(R) CIP software versions prior to WIN DCA 2.4.0.11001
Description
Improper input validation in some Intel(R) CIP software within Ring 3 User Applications may allow information disclosure. An unprivileged software adversary, combined with a privileged user and a low complexity attack, could potentially enable data exposure. This may occur via network access with passive user interaction. The issue may impact the confidentiality of the vulnerable system.
Recommendations
Update to version WIN DCA 2.4.0.11001 or later.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intel(R) Cip