Insecure Inherited Permissions in Intel Simics Package Manager Software
CVE-2025-22448

6.9MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Simics(r) Package Manager Software
Vendor: CVE Published:; 13 May 2025

What is CVE-2025-22448?

The Intel Simics Package Manager software has a vulnerability due to insecure inherited permissions that potentially allow an authenticated user to trigger a denial of service on systems with versions prior to 1.12.0. This flaw emphasizes the importance of proper permission management in software architecture, ensuring that local access does not lead to exploitation that could affect system stability.

Affected Version(s)

Intel(R) Simics(R) Package Manager software before version 1.12.0

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2025
Vulnerability Reserved
Jan 7, 2025