Privilege Escalation Vulnerability in Intel CIP Software
CVE-2025-20050

5.4MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Cip Software
Vendor: CVE Published:; 11 November 2025

What is CVE-2025-20050?

A privilege escalation vulnerability exists in Intel CIP software prior to version WIN_DCA_2.4.0.11001. This weakness arises from an uncontrolled search path, which can be exploited by an authenticated adversary with unprivileged software. Successfully leveraging this vulnerability requires a complex attack and user interaction, allowing potential local code execution. The implications may affect the system's confidentiality, integrity, and availability, making it crucial for users to upgrade to the latest version and fortify their security measures.

Affected Version(s)

Intel(R) CIP software before version WIN_DCA_2.4.0.11001

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

5.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 11, 2025
Vulnerability Reserved
Mar 27, 2025

JSON