Improper Privilege Management in Intel CIP Software
CVE-2025-24307

2.3LOW

Key Information:

Vendor: Intel
Status: Intel(r) Cip Software
Vendor: CVE Published:; 11 November 2025

What is CVE-2025-24307?

The vulnerability in Intel's CIP software allows unprivileged adversaries to escalate privileges through a complex attack. This may result in unauthorized data manipulation without requiring specific internal knowledge or user interaction. Network access enables the attack, potentially compromising the integrity of the vulnerable system. While the confidentiality and availability remain unaffected, the integrity risks must be mitigated to protect sensitive information and maintain system trust.

Affected Version(s)

Intel(R) CIP software before version WIN_DCA_2.4.0.11001

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

2.3

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 11, 2025
Vulnerability Reserved
Jan 30, 2025

JSON