Intel Computing Improvement Program vulnerabilities
21 known vulnerabilities affecting intel/computing_improvement_program.
Total CVEs
21
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH9MEDIUM9LOW3
Vulnerabilities
Page 1 of 2
CVE-2025-24838HIGHCVSS 7.7fixed in 2.4.110012025-11-11
CVE-2025-24838 [HIGH] CWE-269 CVE-2025-24838: Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 with
Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via network access
nvd
CVE-2025-24299HIGHCVSS 8.7fixed in 2.4.110012025-11-11
CVE-2025-24299 [HIGH] CWE-20 CVE-2025-24299: Improper input validation for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within R
Improper input validation for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via network access when
nvd
CVE-2025-24848MEDIUMCVSS 5.3fixed in 2.4.110012025-11-11
CVE-2025-24848 [MEDIUM] CWE-693 CVE-2025-24848: Protection mechanism failure for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 withi
Protection mechanism failure for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when
nvd
CVE-2025-24863MEDIUMCVSS 6.0fixed in 2.4.110012025-11-11
CVE-2025-24863 [MEDIUM] CWE-269 CVE-2025-24863: Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 with
Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable data exposure. This result may potentially occur via network access when atta
nvd
CVE-2025-24847MEDIUMCVSS 5.7fixed in 2.4.110012025-11-11
CVE-2025-24847 [MEDIUM] CWE-20 CVE-2025-24847: Improper input validation for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within R
Improper input validation for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may potentially occur via network access when attack requir
nvd
CVE-2025-20614MEDIUMCVSS 5.6fixed in 2.4.110012025-11-11
CVE-2025-20614 [MEDIUM] CWE-73 CVE-2025-20614: External control of file name or path for some Intel(R) CIP software before version WIN_DCA_2.4.0.11
External control of file name or path for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local acce
nvd
CVE-2025-24834MEDIUMCVSS 6.0fixed in 2.4.110012025-11-11
CVE-2025-24834 [MEDIUM] CWE-693 CVE-2025-24834: Protection mechanism failure for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 withi
Protection mechanism failure for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable data exposure. This result may potentially occur via adjacent access when at
nvd
CVE-2025-20050MEDIUMCVSS 5.4fixed in 2.4.110012025-11-11
CVE-2025-20050 [MEDIUM] CWE-427 CVE-2025-20050: Uncontrolled search path for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ri
Uncontrolled search path for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable local code execution. This result may potentially occur via local access when at
nvd
CVE-2025-24862LOWCVSS 2.0fixed in 2.4.110012025-11-11
CVE-2025-24862 [LOW] CWE-434 CVE-2025-24862: Unrestricted upload of file with dangerous type for some Intel(R) CIP software before version WIN_DC
Unrestricted upload of file with dangerous type for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via network
nvd
CVE-2025-24314LOWCVSS 2.1fixed in 2.4.110012025-11-11
CVE-2025-24314 [LOW] CWE-284 CVE-2025-24314: Improper access control for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Rin
Improper access control for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via network access when attack requireme
nvd
CVE-2025-24307LOWCVSS 2.3fixed in 2.4.110012025-11-11
CVE-2025-24307 [LOW] CWE-269 CVE-2025-24307: Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 with
Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable data manipulation. This result may potentially occur via network access when a
nvd
CVE-2024-36482HIGHCVSS 7.1fixed in 2.4.108522024-11-13
CVE-2024-36482 [HIGH] CWE-20 CVE-2024-36482: Improper input validation in some Intel(R) CIP software before version 2.4.10852 may allow a privile
Improper input validation in some Intel(R) CIP software before version 2.4.10852 may allow a privileged user to potentially enable escalation of privilege via local access.
nvd
CVE-2024-36276MEDIUMCVSS 5.4fixed in 2.4.108522024-11-13
CVE-2024-36276 [MEDIUM] CWE-277 CVE-2024-36276: Insecure inherited permissions for some Intel(R) CIP software before version 2.4.10852 may allow an
Insecure inherited permissions for some Intel(R) CIP software before version 2.4.10852 may allow an authenticated user to potentially enable escalation of privilege via local access.
nvd
CVE-2023-43489MEDIUMCVSS 6.8fixed in 2.4.107172024-08-14
CVE-2023-43489 [MEDIUM] CWE-284 CVE-2023-43489: Improper access control for some Intel(R) CIP software before version 2.4.10717 may allow an authent
Improper access control for some Intel(R) CIP software before version 2.4.10717 may allow an authenticated user to potentially enable denial of service via local access.
nvd
CVE-2023-35769HIGHCVSS 7.8fixed in 2.4.105772024-02-14
CVE-2023-35769 [MEDIUM] CWE-427 CVE-2023-35769: Uncontrolled search path in some Intel(R) CIP software before version 2.4.10577 may allow an authent
Uncontrolled search path in some Intel(R) CIP software before version 2.4.10577 may allow an authenticated user to potentially enable escalation of privilege via local access.
nvd
CVE-2021-0074HIGHCVSS 7.8fixed in 2.4.59822021-06-09
CVE-2021-0074 [HIGH] CWE-281 CVE-2021-0074: Improper permissions in the installer for the Intel(R) Computing Improvement Program software before
Improper permissions in the installer for the Intel(R) Computing Improvement Program software before version 2.4.5982 may allow an authenticated user to potentially enable escalation of privilege via local access.
nvd
CVE-2021-0052HIGHCVSS 7.8fixed in 2.4.65222021-06-09
CVE-2021-0052 [HIGH] CWE-269 CVE-2021-0052: Incorrect default privileges in the Intel(R) Computing Improvement Program before version 2.4.6522 m
Incorrect default privileges in the Intel(R) Computing Improvement Program before version 2.4.6522 may allow an authenticated user to potentially enable an escalation of privilege via local access.
nvd
CVE-2020-12308MEDIUMCVSS 6.5fixed in 2.4.59822020-11-12
CVE-2020-12308 [MEDIUM] CVE-2020-12308: Improper access control for the Intel(R) Computing Improvement Program before version 2.4.5982 may a
Improper access control for the Intel(R) Computing Improvement Program before version 2.4.5982 may allow an unprivileged user to potentially enable information disclosure via network access.
nvd
CVE-2020-8736HIGHCVSS 7.8fixed in 2.4.57182020-08-13
CVE-2020-8736 [HIGH] CVE-2020-8736: Improper access control in subsystem for the Intel(R) Computing Improvement Program before version 2
Improper access control in subsystem for the Intel(R) Computing Improvement Program before version 2.4.5718 may allow an authenticated user to potentially enable escalation of privilege via local access.
nvd
CVE-2019-11162HIGHCVSS 7.8fixed in 2.4.0.047332019-08-19
CVE-2019-11162 [HIGH] CVE-2019-11162: Insufficient access control in hardware abstraction in SEMA driver for Intel(R) Computing Improvemen
Insufficient access control in hardware abstraction in SEMA driver for Intel(R) Computing Improvement Program before version 2.4.0.04733 may allow an authenticated user to potentially enable escalation of privilege, denial of service or information disclosure via local access.
nvd
1 / 2Next →