CVE-2025-24516
BaseFortify
Publication date: 2025-11-11
Last updated on: 2025-11-11
Assigner: Intel Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| intel | cip_software | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an improper access control issue in certain Intel(R) CIP software versions before WIN_DCA_2.4.0.11001. It allows an unprivileged software adversary, combined with a privileged user, to potentially disclose sensitive information. The attack is of low complexity, requires no user interaction, and may occur via adjacent access without special internal knowledge.
How can this vulnerability impact me? :
The vulnerability can lead to information disclosure, impacting the confidentiality of the system. It does not affect the integrity or availability of the system. An attacker with certain privileges could expose sensitive data, potentially compromising confidentiality.