Improper Access Control Vulnerability in Intel Device Plugins for Kubernetes
CVE-2025-24313

6.7MEDIUM

Key Information:

Vendor: Intel
Status: Device Plugins For Kubernetes Software Maintained By Intel
Vendor: CVE Published:; 12 August 2025

What is CVE-2025-24313?

An improper access control vulnerability exists in the Device Plugins for Kubernetes maintained by Intel prior to version 0.32.0. This flaw may permit a privileged user to exploit local access, leading to potential denial of service disruptions within the Kubernetes environment. It is crucial for users to upgrade to the latest version to mitigate against potential exploitation of this vulnerability.

Affected Version(s)

Device Plugins for Kubernetes software maintained by Intel before version 0.32.0

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

6.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 12, 2025
Vulnerability Reserved
Feb 4, 2025

JSON