Improper Access Control in Intel PCIe Switch Software
CVE-2025-24323
7HIGH
Key Information:
- Vendor
Intel
- Vendor
- CVE Published:
- 12 August 2025
What is CVE-2025-24323?
The vulnerability in the Intel PCIe Switch software stems from inadequate access controls in specific firmware packages and the associated LED mode toggle tool. This weakness allows a privileged user to execute unauthorized actions, potentially leading to an escalation of privileges through local access. Prompt updates and diligent management of access rights are recommended to mitigate the risks associated with this vulnerability.
Affected Version(s)
firmware package and LED mode toggle tool for some Intel(R) PCIe Switch software before version MR4_1.0b1