Protection Mechanism Failure in Intel CIP Software
CVE-2025-24834

6MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Cip Software
Vendor: CVE Published:; 11 November 2025

What is CVE-2025-24834?

An issue has been identified in Intel's CIP software that may lead to information exposure under specific conditions. The vulnerability arises from a failure in the protection mechanisms within Ring 3, impacting user applications prior to version WIN_DCA_2.4.0.11001. An adversary with no special credentials can exploit this flaw through adjacent access, allowing for potential data disclosure. This attack can be executed without user interaction, making it a significant concern for data confidentiality. Companies utilizing affected versions are encouraged to apply relevant patches and consult Intel's advisory for comprehensive remediation steps.

Affected Version(s)

Intel(R) CIP software before version WIN_DCA_2.4.0.11001

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 11, 2025
Vulnerability Reserved
Jan 25, 2025

JSON