Unrestricted File Upload Vulnerability in Intel CIP Software
CVE-2025-24862

2LOW

Key Information:

Vendor: Intel
Status: Intel(r) Cip Software
Vendor: CVE Published:; 11 November 2025

What is CVE-2025-24862?

An unrestricted file upload vulnerability exists in Intel(R) CIP software prior to version WIN_DCA_2.4.0.11001. This vulnerability could allow an adversary with unprivileged software access to potentially escalate privileges through the manipulation of data. Such an attack may require a high level of complexity and depend on specific internal knowledge while necessitating passive user interaction, which could be executed over a network. While the vulnerability does not directly affect confidentiality and availability, it poses risks to the integrity of the system. Consequently, exploitation of this vulnerability might have downstream impacts on system integrity.

Affected Version(s)

Intel(R) CIP software before version WIN_DCA_2.4.0.11001

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 11, 2025
Vulnerability Reserved
Jan 30, 2025

JSON