Time-of-Check Time-of-Use Race Condition in ACAT by Intel
CVE-2025-27725

4.1MEDIUM

Key Information:

Vendor: Intel
Status: Acat
Vendor: CVE Published:; 11 November 2025

What is CVE-2025-27725?

A vulnerability exists in Intel's ACAT software products prior to version 3.13, allowing an unprivileged software adversary with authenticated user access to potentially exploit a time-of-check time-of-use race condition. Successful execution of this complex attack may lead to a denial of service condition, necessitating active user interaction. This localized access vulnerability could impact availability, while maintaining confidentiality and integrity. Users are advised to upgrade to the latest version to mitigate risks.

Affected Version(s)

ACAT before version 3.13

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

4.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 11, 2025
Vulnerability Reserved
Apr 15, 2025

JSON