CVE-2025-20032
5/13/2025 9:16:04 PM
18 روز قبل
18 روز قبل
2
Reporter :secure@intel.com
Modified :5/13/2025 9:16:04 PM
Problem Data :CWE-20
Description
Improper input validation for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow a privileged user to potentially enable denial of service via local access.
Cvss Version 3.1
7.9
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
| Attack Vector | Local |
| Attack Complexity | Low |
| Privileges Required | High |
| User Interaction | None |
| Scope | Changed |
| Confidentiality Impact | None |
| Integrity Impact | High |
| Availability Impact | High |
Cvss Version 4.0
8.3
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H
| Attack Vector | Local |
| Attack Complexity | Low |
| Privileges Required | High |
| User Interaction | None |
| Vulnerability Complexity | None |
| Vulnerability Impact | High |
EPSS
| Epss Score | 0 |
|---|---|
| Epss Percentile | 0 |
Note: Consider this fact that the EPSS model relies on historical data and real-world exploit information to calculate the probability of exploitation. When a CVE is newly published, there isn't enough data available to determine its likelihood of being exploited. As a result, the EPSS score defaults to 0 until more information becomes available.