Improper Access Control in Intel CIP Software for User Applications
CVE-2025-24314

2.1LOW

Key Information:

Vendor: Intel
Status: Intel(r) Cip Software
Vendor: CVE Published:; 11 November 2025

What is CVE-2025-24314?

The vulnerability allows unprivileged software adversaries to potentially expose data through improper access control within Intel CIP software versions prior to WIN_DCA_2.4.0.11001. This can occur without requiring user interaction, leveraging specific attack conditions and privileged user access. The exposure of sensitive information could happen via network access, raising concerns for organizations relying on this software for data protection.

Affected Version(s)

Intel(R) CIP software before version WIN_DCA_2.4.0.11001

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

2.1

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Nov 11, 2025
Vulnerability Reserved
Jan 25, 2025

JSON