CVE-2025-24862
BaseFortify
Publication date: 2025-11-11
Last updated on: 2025-11-26
Assigner: Intel Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| intel | computing_improvement_program | to 2.4.11001 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the unrestricted upload of files with dangerous types in certain Intel(R) CIP software versions before WIN_DCA_2.4.0.11001. It may allow an escalation of privilege when an unprivileged adversary with a privileged user and high complexity attack conditions are met. The attack may occur via network access with special internal knowledge and requires passive user interaction.
How can this vulnerability impact me? :
The vulnerability may allow data manipulation, impacting the integrity of the vulnerable system at a low level. It does not impact confidentiality or availability. The overall risk is low due to the complexity and conditions required for the attack.