What is the CVSS score of CVE-2025-24851?

CVE-2025-24851 has a CVSS 3.1 base score of 6.0 (Medium). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H. EPSS exploitation probability: 0.0%.

Which versions of Ethernet Controller are affected by CVE-2025-24851?

CVE-2025-24851 presents moderate security risk rated CVSS 6.0. Exploitation could compromise the security of affected deployments.

How to fix or mitigate CVE-2025-24851?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Ethernet Controller CVE-2025-24851

MEDIUM

Uncaught Exception (CWE-248)

2026-02-10 secure@intel.com

Denial Of Service Intel Ethernet Controller

6.0

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:02 vuln.today

CVE Published

Feb 10, 2026 - 17:16 nvd

MEDIUM 6.0

DescriptionNVD

Uncaught exception in the firmware for some 100GbE Intel(R) Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.