Uncontrolled Search Path Vulnerability in Intel Graphics Software
CVE-2025-21099

5.4MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Graphics Software
Vendor: CVE Published:; 13 May 2025

What is CVE-2025-21099?

An unfortunate vulnerability exists in specific versions of Intel Graphics Software, where an uncontrolled search path might allow an authenticated user with local access to manipulate environment variables. This could potentially lead to the escalation of privileges, enabling unauthorized access to sensitive system resources or functionalities.

Affected Version(s)

Intel(R) Graphics software See references

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

5.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2025
Vulnerability Reserved
Jan 8, 2025