CVE-2025-27246
📋 TL;DR
The Intel Processor Identification Utility before version 8.0.43 has incorrect default permissions that could allow a local authenticated attacker to escalate privileges and potentially execute arbitrary code. This vulnerability requires user interaction and a complex attack chain, affecting systems where this utility is installed. The impact is limited to local access scenarios.
💻 Affected Systems
- Intel(R) Processor Identification Utility
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Local authenticated attacker gains full system control through privilege escalation and arbitrary code execution, compromising confidentiality, integrity, and availability of the entire system.
Likely Case
Limited impact due to high complexity requirements and need for authenticated access with user interaction; most likely scenario is failed exploitation attempts or minimal privilege escalation.
If Mitigated
With proper access controls and user awareness, exploitation becomes extremely difficult; impact limited to denial of service or minor privilege escalation.
🎯 Exploit Status
Requires authenticated user access, local system access, user interaction, and a complex attack chain. No public exploits known at this time.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 8.0.43 or later
Vendor Advisory: https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01334.html
Restart Required: Yes
Instructions:
1. Download Intel Processor Identification Utility version 8.0.43 or later from Intel's website. 2. Uninstall the current vulnerable version. 3. Install the updated version. 4. Restart the system to ensure changes take effect.
🔧 Temporary Workarounds
Remove or restrict utility access
windowsUninstall the Intel Processor Identification Utility or restrict user permissions to prevent execution
Control Panel > Programs > Uninstall a program > Select Intel Processor Identification Utility > Uninstall
Apply strict file permissions
windowsSet restrictive permissions on the utility executable to prevent unauthorized execution
icacls "C:\Program Files\Intel\Processor Identification Utility\*" /deny Users:(RX)
🧯 If You Can't Patch
- Uninstall the Intel Processor Identification Utility completely from affected systems
- Implement strict access controls and application whitelisting to prevent unauthorized execution of the utility
🔍 How to Verify
Check if Vulnerable:
Check the installed version of Intel Processor Identification Utility; if version is below 8.0.43, the system is vulnerable.Check Version:
On Windows: Check Programs and Features in Control Panel or run the utility and check About section. On Linux: Check package manager or run the utility with --version flag.Verify Fix Applied:
Verify that Intel Processor Identification Utility version 8.0.43 or later is installed and running.📡 Detection & Monitoring
Log Indicators:
- Failed execution attempts of Intel Processor Identification Utility
- Unexpected privilege escalation events
- Process creation events related to the utility
Network Indicators:
- No network indicators - this is a local privilege escalation vulnerability
SIEM Query:
EventID=4688 AND ProcessName LIKE '%Processor Identification Utility%' OR EventID=4672 AND ProcessName LIKE '%Processor Identification Utility%'