CVE-2025-24512 MEDIUM

CVE-2025-24512

Vendor N/A
Product Intel(R) PROSet/Wireless WiFi Software for Windows
Weakness CWE-20 · Input validation
Published November 11, 2025
Last update November 14, 2025

CVSS base score

5.6/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

What the vulnerability does

01Description

Improper input validation for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Authorized adversary with an authenticated user combined with a high complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (low) impacts.

Key dates

02Disclosure timeline

November 11, 2025 CVE published
November 14, 2025 Record updated