关键信息 Intel ID: INTEL-SA-01338 Advisory Category: Software Impact of Vulnerability: Escalation of Privilege Severity Rating: MEDIUM Original Release: 08/12/2025 Last Updated: 08/12/2025 Summary A potential security vulnerability in some Intel® AI for Enterprise Retrieval-augmented Generation software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details CVE ID: CVE-2025-24923 Description: Uncontrolled search path in some Intel® AI for Enterprise Retrieval-augmented Generation software may allow an authenticated user to potentially escalate privileges via local access. CVSS Base Score 3.1: 6.7 Medium CVSS Vector 3.1: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H CVSS Base Score 4.0: 5.4 Medium CVSS Vector 4.0: CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/V:C/I:H/VA:H/SC:N/SI:N/SA:N Affected Products Intel® AI for Enterprise Retrieval-augmented Generation before version 1.1.0 Recommendation Intel recommends updating Intel® AI for Enterprise Retrieval-augmented Generation software to version 1.1.0 or later. Updates are available for download at this location: https://github.com/intel-project/Enterprise-RAG/releases