Uncontrolled Search Path Vulnerability in Intel Graphics Software
CVE-2025-20041

5.4MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Graphics Software For Intel(r) Arc™ Graphics And Intel(r) Iris(r) Xe Graphics
Vendor: CVE Published:; 13 May 2025

What is CVE-2025-20041?

The vulnerability in Intel's graphics software arises from an uncontrolled search path mechanism, which could be exploited by an authenticated user with local access. This flaw may permit the insertion of malicious components into system paths. It poses a significant risk because it allows unauthorized escalation of privileges, compromising system integrity. Users of Intel Arc and Intel Iris Xe graphics software must upgrade to the latest versions to mitigate this risk effectively.

Affected Version(s)

Intel(R) Graphics software for Intel(R) Arc™ graphics and Intel(R) Iris(R) Xe graphics before version 32.0.101.6325/32.0.101.6252

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

5.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2025
Vulnerability Reserved
Jan 6, 2025