← volver
CVE-2025-20106

CVE-2025-20106

CVSS 5.4 MEDIUMEPSS 0.1%CWE-427
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.4EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
10 feb 2026Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Uncontrolled search path in some software installer for some VTune(TM) Profiler software and Intel(R) oneAPI Base Toolkits before version 2025.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →