Cyber Resilience

CVE-2025-24299

High

Published: 11 November 2025

Published
11 November 2025
Modified
26 November 2025
KEV Added
Patch
CVSS Score v4 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0011 28.8th percentile
Risk Priority 17 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-24299 is a high-severity Improper Input Validation (CWE-20) vulnerability in Intel Computing Improvement Program. Its CVSS base score is 8.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 28.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-24299 is an improper input validation vulnerability (CWE-20) in certain Intel(R) CIP software versions prior to WIN_DCA_2.4.0.11001, specifically within Ring 3 User Applications. This flaw may allow an escalation of privilege.

An unprivileged software adversary with authenticated user privileges can exploit the vulnerability using a low-complexity attack, potentially via network access without special internal knowledge or user interaction. Exploitation enables escalation of privilege with high impacts to confidentiality, integrity, and availability, earning a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Intel's security advisory INTEL-SA-01328, available at https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01328.html, addresses the issue. Mitigation requires updating the affected Intel(R) CIP software to version WIN_DCA_2.4.0.11001 or later.

EU & UK References

Vulnerability details

Improper input validation for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege.…

more

This result may potentially occur via network access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

The vulnerability explicitly enables escalation of privilege through improper input validation exploitation in user-mode software, directly mapping to T1068: Exploitation for Privilege Escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2024-31858Same vendor: Intel
CVE-2025-21234Shared CWE-20
CVE-2025-48647Shared CWE-20
CVE-2025-25210Shared CWE-20
CVE-2026-21733Shared CWE-20
CVE-2026-7905Shared CWE-20
CVE-2026-7997Shared CWE-20
CVE-2026-5174Shared CWE-20
CVE-2026-26170Shared CWE-20
CVE-2026-9914Shared CWE-20

Affected Assets

intel
computing improvement program
≤ 2.4.11001

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires validation of all inputs to prevent exploitation of the improper input validation vulnerability (CWE-20) in Intel CIP user applications.

prevent

Ensures timely flaw remediation by requiring updates to the affected Intel CIP software version WIN_DCA_2.4.0.11001 or later as specified in the advisory.

prevent

Enforces least privilege to limit the scope and impact of potential privilege escalation from unprivileged authenticated user contexts.

References