Which versions of Intel are affected by CVE-2025-32453?

CVE-2025-32453 presents notable security risk, a incorrect default permissions vulnerability rated CVSS 6.7. Attackers could gain access beyond their authorized level.

How to fix or mitigate CVE-2025-32453?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Review and tighten file/resource permissions.

Intel CVE-2025-32453

Q: What is the CVSS score of CVE-2025-32453?

CVE-2025-32453 has a CVSS 4.0 base score of 5.4 (Medium). CVSS vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

MEDIUM

Incorrect Default Permissions (CWE-276)

2026-02-10 secure@intel.com

Privilege Escalation Intel

5.4

CVSS 4.0

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

Scope

Lifecycle Timeline

CVSS changed

Apr 20, 2026 - 12:37 NVD

6.7 (MEDIUM) 5.4 (MEDIUM)

Analysis Generated

Mar 12, 2026 - 22:02 vuln.today

CVE Published

Feb 10, 2026 - 17:16 nvd

MEDIUM 6.7

DescriptionNVD

Incorrect default permissions for some Intel(R) Graphics Driver software within Ring 2: Privileged Process may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

AnalysisAI

Technical ContextAI

Classified as CWE-276 (Incorrect Default Permissions). Incorrect default permissions for some Intel(R) Graphics Driver software within Ring 2: Privileged Process may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (