Privilege Escalation Vulnerability in Intel VTune Profiler and oneAPI Base Toolkits
CVE-2025-20106

5.4MEDIUM

Key Information:

Vendor: Intel
Status: Vtune(tm) Profiler Software And Intel(r) Oneapi Base Toolkits
Vendor: CVE Published:; 10 February 2026

What is CVE-2025-20106?

Certain software installers for VTune Profiler and Intel oneAPI Base Toolkits prior to version 2025.0 may be susceptible to uncontrolled search path issues. These vulnerabilities could allow an authenticated user, leveraging complex attack vectors, to escalate privileges, potentially leading to unauthorized access and manipulation of sensitive system configurations. Although exploiting this vulnerability may necessitate user interaction, it represents a significant risk to the integrity, confidentiality, and availability of affected systems, underlining the need for timely updates and security assessments.

Affected Version(s)

VTune(TM) Profiler software and Intel(R) oneAPI Base Toolkits before version 2025.0.

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

5.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 10, 2026
Vulnerability Reserved
Oct 11, 2024

CVE-2025-20106 Data

JSON