关键漏洞信息 Intel ID: INTEL-SA-01265 Advisory Category: Software Impact of Vulnerability: Escalation of Privilege Severity Rating: Medium CVE ID: CVE-2025-20106 Description: Uncontrolled search path in some software installer for some VTune™ Profiler software and Intel® oneAPI Base Toolkits before version 2025.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. Affected Products: - VTune™ Profiler software before version 2025.0 - Intel® oneAPI Base Toolkits before version 2025.0 Recommendation: Intel recommends updating VTune™ Profiler software and Intel® oneAPI Base Toolkits to version 2025.0 or later.