Uncontrolled Recursion in TinyCBOR Libraries by Intel
CVE-2025-24302

5.4MEDIUM

Key Information:

Vendor: Intel
Status: Tinycbor Libraries Maintained By Intel(r)
Vendor: CVE Published:; 12 August 2025

What is CVE-2025-24302?

A vulnerability exists in the TinyCBOR libraries maintained by Intel, where uncontrolled recursion prior to version 0.6.1 could allow an authenticated user to exploit this weakness, potentially enabling them to escalate their privileges via local access. This issue highlights the importance of updating to the latest library version to mitigate possible security risks.

Affected Version(s)

TinyCBOR libraries maintained by Intel(R) before version 0.6.1

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

5.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 12, 2025
Vulnerability Reserved
Jan 25, 2025

JSON