CVE-2025-24486 HIGH

CVE-2025-24486

Vendor N/A

Product Intel(R) 700 Series Ethernet

Weakness CWE-20 · Input validation

Published August 12, 2025

Last update February 26, 2026

View on NVD All CVEs

CVSS base score

7.8/10

Attack vector Local

Attack complexity High

Privileges required Low

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

Key dates

02Disclosure timeline

August 12, 2025 CVE published

February 26, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-24486

Related vulnerabilities

04Related CVE

CVE-2022-47192 Admin password reset via file upload vulnerability in Generex CS141 CVE-2025-62525 OpenWrt vulnerable to local privilage escalation CVE-2021-3442 CVE-2023-25867 Adobe Substance 3D Stager PCX File Parsing Memory Corruption Remote Code Execution Vulnerability CVE-2024-2339 Improper Input Validation in PostgreSQL Anonymizer 1.2 allows table owner to gain superuser privileges via masking rule