Insecure Inherited Permissions in Intel Simics Package Manager Software
CVE-2025-20008

5.4MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Simics(r) Package Manager Software
Vendor: CVE Published:; 13 May 2025

What is CVE-2025-20008?

Certain versions of Intel Simics Package Manager before version 1.12.0 are affected by an insecure inherited permissions issue. This vulnerability could allow a privileged user to exploit local access to enable privilege escalation. Proper security measures should be implemented to mitigate the potential risks associated with these vulnerabilities to ensure the integrity and confidentiality of the system.

Affected Version(s)

Intel(R) Simics(R) Package Manager software before version 1.12.0

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

5.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2025
Vulnerability Reserved
Jan 7, 2025