PT-2026-7286 · Intel · Intel Optane Pmem Management

Published

2026-02-10

Updated

2026-02-10

CVE-2025-22849

CVSS v3.1

6.7

Medium

Vector

AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Intel(R) Optane(TM) PMem management software versions CR MGMT 01.00.00.3584, CR MGMT 02.00.00.4052, CR MGMT 03.00.00.0538

Description The software has default permissions that may allow a privilege escalation. An unprivileged software adversary with an authenticated user and a high complexity attack may be able to escalate privileges. This may occur via local access with active user interaction. The potential impacts to the system include confidentiality, integrity, and availability.

Recommendations Update to version CR MGMT 01.00.00.3584 or later. Update to version CR MGMT 02.00.00.4052 or later. Update to version CR MGMT 03.00.00.0538 or later.

Fix

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

CVE-2025-22849

Affected Products

Intel Optane Pmem Management

PT-2026-7286 · Intel · Intel Optane Pmem Management

CVE-2025-22849

Weakness Enumeration

Related Identifiers

Affected Products

References · 3