Sign-up

ID

VAR-202602-1238


CVE

CVE-2025-24851


TITLE

Intel's Intel Ethernet Controller uncaught exception vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2026-007691

DESCRIPTION

Uncaught exception in the firmware for some 100GbE Intel(R) Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. Information handled by the software will not be rewritten. In addition, the software may stop functioning completely. Furthermore, attacks that exploit this vulnerability will not affect other software

Trust: 1.62

sources: NVD: CVE-2025-24851 // JVNDB: JVNDB-2026-007691

AFFECTED PRODUCTS

vendor:intelmodel:ethernet controllerscope:ltversion:30.3

Trust: 1.0

vendor:インテルmodel:intel ethernet controllerscope:eqversion:30.3

Trust: 0.8

vendor:インテルmodel:intel ethernet controllerscope:eqversion: -

Trust: 0.8

vendor:インテルmodel:intel ethernet controllerscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2026-007691 // NVD: CVE-2025-24851

CVSS

SEVERITY

CVSSV2

CVSSV3

secure@intel.com: CVE-2025-24851
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2025-24851
value: MEDIUM

Trust: 1.0

NVD: CVE-2025-24851
value: MEDIUM

Trust: 0.8

secure@intel.com: CVE-2025-24851
baseSeverity: MEDIUM
baseScore: 6.0
vectorString: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.5
impactScore: 4.0
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2025-24851
baseSeverity: MEDIUM
baseScore: 4.4
vectorString: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 0.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2025-24851
baseSeverity: MEDIUM
baseScore: 4.4
vectorString: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2026-007691 // NVD: CVE-2025-24851 // NVD: CVE-2025-24851

PROBLEMTYPE DATA

problemtype:CWE-248

Trust: 1.0

problemtype:uncaught exception (CWE-248) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2026-007691 // NVD: CVE-2025-24851

PATCH

title:INTEL-SA-01171url:https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01171.html

Trust: 0.8

sources: JVNDB: JVNDB-2026-007691

EXTERNAL IDS

db:NVDid:CVE-2025-24851

Trust: 2.6

db:JVNDBid:JVNDB-2026-007691

Trust: 0.8

sources: JVNDB: JVNDB-2026-007691 // NVD: CVE-2025-24851

REFERENCES

url:https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01171.html

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2025-24851

Trust: 0.8

sources: JVNDB: JVNDB-2026-007691 // NVD: CVE-2025-24851

SOURCES

db:JVNDBid:JVNDB-2026-007691
db:NVDid:CVE-2025-24851

LAST UPDATE DATE

2026-03-19T23:41:29.844000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2026-007691date:2026-03-18T04:29:00
db:NVDid:CVE-2025-24851date:2026-03-17T15:43:25.477

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2026-007691date:2026-03-18T00:00:00
db:NVDid:CVE-2025-24851date:2026-02-10T17:16:12.890