Improper Privilege Management in Intel CIP Software
CVE-2025-24838

7.7HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Cip Software
Vendor: CVE Published:; 11 November 2025

What is CVE-2025-24838?

Intel's CIP software prior to version WIN_DCA_2.4.0.11001 is susceptible to a vulnerability that allows an attacker to escalate privileges by exploiting improper privilege management. This flaw can be exploited by unprivileged software adversaries who possess authenticated user access, enabling them to launch a low-complexity attack potentially via network access. The attack does not require special internal knowledge or user interaction, which raises significant security concerns regarding the confidentiality, integrity, and availability of affected systems.

Affected Version(s)

Intel(R) CIP software before version WIN_DCA_2.4.0.11001

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 11, 2025
Vulnerability Reserved
Jan 30, 2025

JSON