Improper Privilege Management in Intel CIP Software
CVE-2025-24863

6MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Cip Software
Vendor: CVE Published:; 11 November 2025

What is CVE-2025-24863?

The vulnerability in Intel CIP Software arises from improper privilege management within User Applications, allowing a potential information disclosure. An attacker with valid authentication, using unprivileged software and a low complexity attack, could exploit this vulnerability to access sensitive data over a network. The exploitation of this flaw requires no special internal knowledge or user interaction, making it particularly concerning for system confidentiality.

Affected Version(s)

Intel(R) CIP software before version WIN_DCA_2.4.0.11001

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 11, 2025
Vulnerability Reserved
Jan 30, 2025

JSON