Details of VAR-202508-1590

ID

VAR-202508-1590

CVE

CVE-2025-25273

TITLE

Intel 700 Series Ethernet Privilege Escalation Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2025-19264

DESCRIPTION

Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via local access. The Intel 700 Series Ethernet is a high-performance Ethernet controller family from Intel Corporation. An attacker could exploit this vulnerability to escalate privileges

Trust: 1.44

sources: NVD: CVE-2025-25273 // CNVD: CNVD-2025-19264

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-19264

AFFECTED PRODUCTS

vendor:

intel

model:

series ethernet

scope:

version:

700<2.28.5

Trust: 0.6

sources: CNVD: CNVD-2025-19264

CVSS

SEVERITY

CVSSV2

CVSSV3

secure@intel.com:	CVE-2025-25273
value:	HIGH
Trust: 1.0
CNVD:	CNVD-2025-19264
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2025-19264
severity:	MEDIUM
baseScore:	6.0
vectorString:	AV:L/AC:H/AU:S/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	1.5
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

secure@intel.com:	CVE-2025-25273
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.1
impactScore:	6.0
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2025-19264 // NVD: CVE-2025-25273

PROBLEMTYPE DATA

problemtype:

CWE-691

Trust: 1.0

sources: NVD: CVE-2025-25273

PATCH

title:

Patch for Intel 700 Series Ethernet Privilege Escalation Vulnerability

url:

https://www.cnvd.org.cn/patchInfo/show/723001

Trust: 0.6

sources: CNVD: CNVD-2025-19264

EXTERNAL IDS

db:	NVD	id:	CVE-2025-25273	Trust: 1.6
db:	CNVD	id:	CNVD-2025-19264	Trust: 0.6

sources: CNVD: CNVD-2025-19264 // NVD: CVE-2025-25273

REFERENCES

url:	https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01335.html	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2025-25273	Trust: 0.6

sources: CNVD: CNVD-2025-19264 // NVD: CVE-2025-25273

SOURCES

db:	CNVD	id:	CNVD-2025-19264
db:	NVD	id:	CVE-2025-25273

LAST UPDATE DATE

2025-08-23T23:11:35.069000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-19264	date:	2025-08-22T00:00:00
db:	NVD	id:	CVE-2025-25273	date:	2025-08-13T17:34:12.350

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-19264	date:	2025-08-22T00:00:00
db:	NVD	id:	CVE-2025-25273	date:	2025-08-12T17:15:35.660