What is CVE-2025-20629?

CVE-2025-20629 is a medium-severity vulnerability in Intel(r) Ethernet Network Adapter E810 Series, classified under Insecure Inherited Permissions. CVSS score: 6.7/10. Published 2025-05-13.

How severe is CVE-2025-20629?

Medium severity. CVSS v3 base score is 6.7 out of 10.

Vulnerability in Intel(r) Ethernet Network Adapter E810 Series

CVE-2025-20629

Insecure inherited permissions in the NVM Update Utility for some Intel(R) Ethernet Network Adapter E810 Series before version 4.60 may allow an authenticated user to potentially enable escalation of privilege via local access.

EPSS: 0.000 (14.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H.

Affected products

N/a Intel(r) Ethernet Network Adapter E810 Series — versions before version 4.60

Weakness classification (CWE)

CWE-277 — Insecure Inherited Permissions

References

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01295.html

Frequently asked questions

What is CVE-2025-20629?: CVE-2025-20629 is a medium-severity vulnerability in Intel(r) Ethernet Network Adapter E810 Series, classified under Insecure Inherited Permissions. CVSS score: 6.7/10. Published 2025-05-13.
How severe is CVE-2025-20629?: Medium severity. CVSS v3 base score is 6.7 out of 10.