Insufficient Control Flow Management in Intel 700 Series Ethernet Driver
CVE-2025-25273

8.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) 700 Series Ethernet
Vendor: CVE Published:; 12 August 2025

What is CVE-2025-25273?

The Linux kernel-mode driver for Intel(R) 700 Series Ethernet devices prior to version 2.28.5 exhibits insufficient control flow management, which may allow an authenticated user to escalate their privileges through local access. This vulnerability poses significant risks, as attackers could exploit it to gain unauthorized access to system resources and sensitive information.

Affected Version(s)

Intel(R) 700 Series Ethernet before version 2.28.5

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 12, 2025
Vulnerability Reserved
Feb 21, 2025