Improper Access Control in Intel CIP Software
CVE-2025-24516

6.8MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Cip Software
Vendor: CVE Published:; 11 November 2025

What is CVE-2025-24516?

An improper access control issue exists in Intel's CIP software versions prior to WIN_DCA_2.4.0.11001, which may lead to information disclosure. An adversary with unprivileged software leveraging a privileged user account can exploit this vulnerability using a low complexity attack scenario. The attack may not require special internal knowledge or user interaction, allowing adjacent access to sensitive data. While this vulnerability may expose confidential information, it does not impact system integrity or availability.

Affected Version(s)

Intel(R) CIP software before version WIN_DCA_2.4.0.11001

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 11, 2025
Vulnerability Reserved
Jan 30, 2025

JSON