Information Disclosure Vulnerability in Intel Core Ultra Processors
CVE-2025-24495

6.8MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Core™ Ultra Processors
Vendor: CVE Published:; 13 May 2025

What is CVE-2025-24495?

An information disclosure vulnerability has been found in the branch prediction unit of specific Intel Core Ultra Processors. Due to incorrect initialization of resources, an authenticated user with local access may be able to exploit this flaw, potentially leading to unauthorized access to sensitive information. This highlights the importance of robust access controls and monitoring in environments utilizing affected processors. For detailed technical information and potential mitigations, please refer to Intel's official advisory.

Affected Version(s)

Intel(R) Core™ Ultra Processors See references

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2025
Vulnerability Reserved
Feb 4, 2025