← back
CVE-2025-20629

CVE-2025-20629

CVSS 5.4 MEDIUMEPSS 0.1%CWE-277
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.4EPSS 0.1%KEV nãoPoC Patch
Lifecycle
13 May 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Insecure inherited permissions in the NVM Update Utility for some Intel(R) Ethernet Network Adapter E810 Series before version 4.60 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
n/a · Intel(R) Ethernet Network Adapter E810 Series

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01295.html