Information Disclosure Vulnerability in Intel Local Manageability Service
CVE-2025-24520

4.8MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Local Manageability Service Software
Vendor: CVE Published:; 12 August 2025

What is CVE-2025-24520?

The Intel(R) Local Manageability Service software prior to version 2514.7.16.0 contains a vulnerability that allows the insertion of sensitive information into log files. This issue could enable authenticated users to potentially disclose confidential information through local access, thereby posing a risk to data confidentiality. It is recommended that users upgrade to the latest version to mitigate this risk. For further details, please refer to the official advisory.

Affected Version(s)

Intel(R) Local Manageability Service software before version 2514.7.16.0

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 12, 2025
Vulnerability Reserved
Jan 25, 2025