Sign-up

ID

VAR-202602-4010


CVE

CVE-2025-27535


TITLE

Intel's Intel Ethernet Controller Insufficient access control in  IOCTL  Disclosure Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2026-007689

DESCRIPTION

Exposed ioctl with insufficient access control in the firmware for some Intel(R) Ethernet Connection E825-C. before version NVM ver. 3.84 within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a high complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. ioctl There is a problem. Information handled by the software will not be rewritten. In addition, the software may stop functioning completely. Furthermore, attacks that exploit this vulnerability will not affect other software

Trust: 1.62

sources: NVD: CVE-2025-27535 // JVNDB: JVNDB-2026-007689

AFFECTED PRODUCTS

vendor:intelmodel:ethernet controllerscope:ltversion:30.3

Trust: 1.0

vendor:インテルmodel:intel ethernet controllerscope:eqversion:30.3

Trust: 0.8

vendor:インテルmodel:intel ethernet controllerscope:eqversion: -

Trust: 0.8

vendor:インテルmodel:intel ethernet controllerscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2026-007689 // NVD: CVE-2025-27535

CVSS

SEVERITY

CVSSV2

CVSSV3

secure@intel.com: CVE-2025-27535
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2025-27535
value: MEDIUM

Trust: 1.0

NVD: CVE-2025-27535
value: MEDIUM

Trust: 0.8

secure@intel.com: CVE-2025-27535
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: HIGH
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 0.8
impactScore: 4.0
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2025-27535
baseSeverity: MEDIUM
baseScore: 4.1
vectorString: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 0.5
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2025-27535
baseSeverity: MEDIUM
baseScore: 4.1
vectorString: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2026-007689 // NVD: CVE-2025-27535 // NVD: CVE-2025-27535

PROBLEMTYPE DATA

problemtype:CWE-782

Trust: 1.0

problemtype:due to poor access control IOCTL the publication of (CWE-782) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2026-007689 // NVD: CVE-2025-27535

PATCH

title:INTEL-SA-01171url:https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01171.html

Trust: 0.8

sources: JVNDB: JVNDB-2026-007689

EXTERNAL IDS

db:NVDid:CVE-2025-27535

Trust: 2.6

db:JVNDBid:JVNDB-2026-007689

Trust: 0.8

sources: JVNDB: JVNDB-2026-007689 // NVD: CVE-2025-27535

REFERENCES

url:https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01171.html

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2025-27535

Trust: 0.8

sources: JVNDB: JVNDB-2026-007689 // NVD: CVE-2025-27535

SOURCES

db:JVNDBid:JVNDB-2026-007689
db:NVDid:CVE-2025-27535

LAST UPDATE DATE

2026-03-19T23:18:09.679000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2026-007689date:2026-03-18T04:29:00
db:NVDid:CVE-2025-27535date:2026-03-17T15:45:07.677

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2026-007689date:2026-03-18T00:00:00
db:NVDid:CVE-2025-27535date:2026-02-10T17:16:14.427