CVE-2025-20015

MEDIUM 6.7

CVSS Score

6.7

EPSS Score

0.0%

EPSS Percentile

0th

Uncontrolled search path element for some Intel(R) Ethernet Connection software before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

CWE	CWE-427
Vendor	n/a
Product	intel(r) ethernet connection software
Published	May 13, 2025
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for n/a intel(r) ethernet connection software

Be the first to know when new medium vulnerabilities affecting n/a intel(r) ethernet connection software are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

n/a / Intel(R) Ethernet Connection software

before version 29.4

References

NVD ↗ CVE.org ↗ EPSS Data ↗

intel.com: https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01294.html