CVE-2025-20046
5/13/2025 9:16:05 PM
18 روز قبل
18 روز قبل
3
Reporter :secure@intel.com
Modified :5/13/2025 9:16:05 PM
Problem Data :CWE-416
Description
Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
Cvss Version 3.1
8
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H
| Attack Vector | Adjacent Network |
| Attack Complexity | High |
| Privileges Required | None |
| User Interaction | None |
| Scope | Changed |
| Confidentiality Impact | None |
| Integrity Impact | High |
| Availability Impact | High |
Cvss Version 4.0
7.2
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H
| Attack Vector | Adjacent Network |
| Attack Complexity | Low |
| Privileges Required | None |
| User Interaction | None |
| Vulnerability Complexity | None |
| Vulnerability Impact | High |
EPSS
| Epss Score | 0 |
|---|---|
| Epss Percentile | 0 |
Note: Consider this fact that the EPSS model relies on historical data and real-world exploit information to calculate the probability of exploitation. When a CVE is newly published, there isn't enough data available to determine its likelihood of being exploited. As a result, the EPSS score defaults to 0 until more information becomes available.