Details of VAR-202602-1091

ID

VAR-202602-1091

CVE

CVE-2025-32003

TITLE

Intel's Intel Ethernet Controller Out-of-bounds read vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2026-007688

DESCRIPTION

Out-of-bounds read in the firmware for some 100GbE Intel(R) Ethernet Network Adapter E810 before version cvl fw 1.7.6, cpk 1.3.7 within Ring 0: Bare Metal OS may allow a denial of service. Network adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via network access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. Information handled by the software will not be rewritten. In addition, the software may stop functioning completely. Furthermore, attacks that exploit this vulnerability will not affect other software

Trust: 1.62

sources: NVD: CVE-2025-32003 // JVNDB: JVNDB-2026-007688

AFFECTED PRODUCTS

vendor:	intel	model:	ethernet controller	scope:	lt	version:	30.3	Trust: 1.0
vendor:	インテル	model:	intel ethernet controller	scope:	eq	version:	30.3	Trust: 0.8
vendor:	インテル	model:	intel ethernet controller	scope:	eq	version:	-	Trust: 0.8
vendor:	インテル	model:	intel ethernet controller	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2026-007688 // NVD: CVE-2025-32003

CVSS

SEVERITY

CVSSV2

CVSSV3

secure@intel.com:	CVE-2025-32003
value:	MEDIUM
Trust: 1.0
OTHER:	JVNDB-2026-007688
value:	MEDIUM
Trust: 0.8

secure@intel.com:	CVE-2025-32003
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2026-007688
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2026-007688 // NVD: CVE-2025-32003

PROBLEMTYPE DATA

problemtype:	CWE-125	Trust: 1.0
problemtype:	Out-of-bounds read (CWE-125) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2026-007688 // NVD: CVE-2025-32003

PATCH

title:

INTEL-SA-01171

url:

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01171.html

Trust: 0.8

sources: JVNDB: JVNDB-2026-007688

EXTERNAL IDS

db:	NVD	id:	CVE-2025-32003	Trust: 2.6
db:	JVNDB	id:	JVNDB-2026-007688	Trust: 0.8

sources: JVNDB: JVNDB-2026-007688 // NVD: CVE-2025-32003

REFERENCES

url:	https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01171.html	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2025-32003	Trust: 0.8

sources: JVNDB: JVNDB-2026-007688 // NVD: CVE-2025-32003

SOURCES

db:	JVNDB	id:	JVNDB-2026-007688
db:	NVD	id:	CVE-2025-32003

LAST UPDATE DATE

2026-03-19T23:25:04.309000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2026-007688	date:	2026-03-18T04:29:00
db:	NVD	id:	CVE-2025-32003	date:	2026-03-17T15:44:17.563

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2026-007688	date:	2026-03-18T00:00:00
db:	NVD	id:	CVE-2025-32003	date:	2026-02-10T17:16:16.073