Severity
Medium
Analysis Summary
CVE-2025-22843 CVSS:7.8
Incorrect execution-assigned permissions for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2025-24308 CVSS:7.5
Improper input validation in the UEFI firmware error handler for the Intel(R) Server D50DNP and M50FCP may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2024-36292 CVSS:7.3
Improper buffer restrictions for some Intel(R) Data Center GPU Flex Series for Windows driver before version 31.0.101.4314 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2024-45333 CVSS:7.3
Improper access control for some Intel(R) Data Center GPU Flex Series for Windows driver before version 31.0.101.4314 may allow an authenticated user to potentially enable denial of service via local access.
Impact
- Privilege Escalation
- Denial of Service
Indicators of Compromise
CVE
CVE-2025-22843
CVE-2025-24308
CVE-2024-36292
CVE-2024-45333
Affected Vendors
Affected Products
- Edge Orchestrator software for Intel(R) Tiber™ Edge
- Intel(R) Server D50DNP and M50FCP
- Intel(R) Data Center GPU Flex Series for Windows driver before version 31.0.101.431
Remediation
Upgrade to the latest version, available from the Intel Website.