463 matches found
CVE-2025-24862
Unrestricted upload of file with dangerous type for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable data...
CVE-2025-24847
Improper input validation for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...
CVE-2025-24847
Improper input validation for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...
CVE-2025-24862
Unrestricted upload of file with dangerous type for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable data...
CVE-2025-24299
Improper input validation for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This...
CVE-2025-24314
Improper access control for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may...
CVE-2025-24307
Improper privilege management for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable data manipulation. This...
CVE-2025-20614
External control of file name or path for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable escalation of privileg...
CVE-2025-20050
Uncontrolled search path for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable local code execution. This...
CVE-2025-20050
Uncontrolled search path for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable local code execution. This...
CVE-2025-24862
Unrestricted upload of file with dangerous type for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable data...
CVE-2025-24862
Unrestricted upload of file with dangerous type for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable data...
CVE-2025-24862
Intel CIP software prior to WIN_DCA_2.4.0.11001 contains CVE-2025-24862: an unrestricted upload of a dangerous file type in Ring 3 User Applications, potentially enabling privilege escalation and data manipulation. The issue requires network access with internal knowledge and passive user interac...
CVE-2025-24848
Protection mechanism failure for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This...
CVE-2025-24848
Intel CIP software prior to WIN_DCA_2.4.0.11001 suffers a protection mechanism failure in Ring 3 (User Applications) that may allow an Elevation of Privilege by a local attacker with privileged user context and high attack complexity. Affected products are IntelĀ® CIP software before WIN_DCA_2.4.0...
CVE-2025-24847
Intel CIP software prior to WIN_DCA_2.4.0.11001 is affected by an improper input validation vulnerability in Ring 3 User Applications that can lead to information disclosure. Unprivileged adversaries with a privileged user and low attack complexity, potentially via network access with passive use...
CVE-2025-24838
Intel CIP software prior to WIN_DCA_2.4.0.11001 contains multiple CVEs, including CVE-2025-24838, describing improper privilege management in Ring 3 User Applications that may allow privilege escalation. A low-privileged, authenticated user could exploit this with a low-complexity attack, potenti...
CVE-2025-24834
Protection mechanism failure for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable data exposure. This result...
CVE-2025-24516
Improper access control for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...
CVE-2025-24516
Intel CIP software prior to WIN_DCA_2.4.0.11001 is affected by an improper access control vulnerability that may cause information disclosure. The issue allows an unprivileged user, combined with a privileged user and a low-complexity attack, to expose data via adjacent access without user intera...