Privilege Escalation Vulnerability in Intel Connectivity Performance Suite Software
CVE-2025-20074

7.3HIGH

What is CVE-2025-20074?

A race condition vulnerability exists in the Intel Connectivity Performance Suite software installers, potentially allowing authenticated users to escalate privileges through local access. This security flaw arises from a time-of-check time-of-use issue, which could be exploited if a user accesses the system while it is verifying security measures. It is crucial for users to update to version 40.24.11210 or later to mitigate this risk effectively. For more details, please refer to the official advisory.

Affected Version(s)

Intel(R) Connectivity Performance Suite software installers before version 40.24.11210

References

CVSS V4

Score:
7.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-20074 : Privilege Escalation Vulnerability in Intel Connectivity Performance Suite Software