Escalation of Privilege Vulnerability in Intel Endpoint Management Assistant Software
CVE-2025-35990

8.7HIGH

Key Information:

Vendor: Intel
Status: Intel Endpoint Management Assistant (ema) Software
Vendor: CVE Published:; 12 May 2026

What is CVE-2025-35990?

An improper input validation vulnerability exists in Intel Endpoint Management Assistant software prior to version 1.14.5. This flaw could enable an unprivileged adversary to escalate privileges under certain conditions, potentially allowing unauthorized access and control over affected systems. Attackers could exploit this vulnerability with low complexity and without requiring authentication or user interaction. The risk exists mainly when adjacent access to the system is attainable, highlighting the need for immediate updates to mitigate potential threats.

Affected Version(s)

Intel Endpoint Management Assistant (EMA) software before version 1.14.5

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2026
Vulnerability Reserved
Apr 15, 2025

CVE-2025-35990 Data

JSON