CVE-2025-24851

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-24851
Uncaught exception in the firmware for some 100GbE Intel(R) Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

6.0 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.5 / Impact : 4.0

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

References
Link Resource
https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01171.html Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:intel:ethernet_controller:*:*:*:*:*:*:*:*
OR cpe:2.3:h:intel:ethernet_network_adapter_e810-2cqda2:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ethernet_network_adapter_e810-cqda1:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ethernet_network_adapter_e810-cqda1_for_ocp_3.0:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ethernet_network_adapter_e810-cqda2:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ethernet_network_adapter_e810-cqda2_for_ocp_3.0:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ethernet_network_adapter_e810-cqda2t:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ethernet_network_adapter_e810-xxvda2:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ethernet_network_adapter_e810-xxvda2_for_ocp_3.0:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ethernet_network_adapter_e810-xxvda4:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ethernet_network_adapter_e810-xxvda4_for_ocp_3.0:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ethernet_network_adapter_e810-xxvda4t:-:*:*:*:*:*:*:*
History

17 Mar 2026, 15:43

Type Values Removed Values Added
CPE cpe:2.3:a:intel:ethernet_controller:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:ethernet_network_adapter_e810-cqda2t:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ethernet_network_adapter_e810-xxvda2:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ethernet_network_adapter_e810-cqda2:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ethernet_network_adapter_e810-cqda1_for_ocp_3.0:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ethernet_network_adapter_e810-xxvda2_for_ocp_3.0:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ethernet_network_adapter_e810-xxvda4:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ethernet_network_adapter_e810-cqda1:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ethernet_network_adapter_e810-xxvda4_for_ocp_3.0:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ethernet_network_adapter_e810-2cqda2:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ethernet_network_adapter_e810-xxvda4t:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ethernet_network_adapter_e810-cqda2_for_ocp_3.0:-:*:*:*:*:*:*:*
Summary
  • (es) Excepción no capturada en el firmware para algunos controladores Ethernet Intel(R) E810 de 100GbE anteriores a la versión cvl fw 1.7.8.x dentro del Anillo 0: El sistema operativo Bare Metal puede permitir una denegación de servicio. Un adversario de software del sistema con un usuario privilegiado combinado con un ataque de baja complejidad puede habilitar la denegación de servicio. Este resultado puede ocurrir potencialmente a través de acceso local cuando los requisitos de ataque no están presentes sin conocimiento interno especial y no requiere interacción del usuario. La vulnerabilidad potencial puede impactar la confidencialidad (ninguna), integridad (ninguna) y disponibilidad (alta) del sistema vulnerable, lo que resulta en impactos posteriores en la confidencialidad (ninguna), integridad (ninguna) y disponibilidad (ninguna) del sistema.
First Time Intel ethernet Network Adapter E810-cqda2t
Intel ethernet Network Adapter E810-xxvda4t
Intel
Intel ethernet Network Adapter E810-xxvda2
Intel ethernet Network Adapter E810-xxvda2 For Ocp 3.0
Intel ethernet Network Adapter E810-2cqda2
Intel ethernet Network Adapter E810-cqda2
Intel ethernet Network Adapter E810-xxvda4
Intel ethernet Network Adapter E810-cqda1 For Ocp 3.0
Intel ethernet Network Adapter E810-cqda1
Intel ethernet Network Adapter E810-cqda2 For Ocp 3.0
Intel ethernet Controller
Intel ethernet Network Adapter E810-xxvda4 For Ocp 3.0
References () https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01171.html - () https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01171.html - Vendor Advisory

10 Feb 2026, 17:16

Type Values Removed Values Added
New CVE
Information

Published : 2026-02-10 17:16

Updated : 2026-03-17 15:43

NVD link : CVE-2025-24851

Mitre link : CVE-2025-24851

CVE.ORG link : CVE-2025-24851

JSON object : View

Products Affected

intel

  • ethernet_network_adapter_e810-xxvda4_for_ocp_3.0
  • ethernet_network_adapter_e810-cqda2_for_ocp_3.0
  • ethernet_network_adapter_e810-xxvda2
  • ethernet_network_adapter_e810-xxvda2_for_ocp_3.0
  • ethernet_network_adapter_e810-xxvda4
  • ethernet_controller
  • ethernet_network_adapter_e810-cqda1_for_ocp_3.0
  • ethernet_network_adapter_e810-xxvda4t
  • ethernet_network_adapter_e810-cqda2t
  • ethernet_network_adapter_e810-cqda2
  • ethernet_network_adapter_e810-cqda1
  • ethernet_network_adapter_e810-2cqda2
CWE
CWE-248

Uncaught Exception