关键信息 Intel ID: INTEL-SA-01286 Advisory Category: Software Impact of Vulnerability: Escalation of Privilege Severity Rating: High Original Release: 06/12/2023 Last Revision: 06/12/2023 Summary A potential security vulnerability in some Intel® Connectivity Performance Suite software installers may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details CVE-ID: CVE-2025-20074 Description: Time-of-check Time-of-use race condition for some Intel® Connectivity Performance Suite software installers before version 40.24.11210 may allow an authenticated user to potentially enable escalation of privilege via local access. CVSS Base Score 3.1: 7.8 High CVSS Vector 3.1: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Base Score 4.0: 7.3 High CVSS Vector 4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/V:C/I:H/A:H/SC:N/SI:N/SA:N Affected Products Intel® Connectivity Performance Suite software before Version 40.24.11210. Recommendation Intel recommends updating Intel® Connectivity Performance Suite software to version 40.24.11210 or later. Updates are available for download at this location: https://www.intel.com/content/www/us/en/download/738623 Acknowledgements Intel would like to thank Julian Horowitz (Golden Red Team) for reporting this issue.