CVE-2025-22849 — Vulnetix

CVE-2025-22849 PUBLISHED CVSS 6.699999809265137 MEDIUM

Incorrect default permissions for the Intel(R) Optane(TM) PMem management software before versions CR_MGMT_01.00.00.3584, CR_MGMT_02.00.00.4052, CR_MGMT_03.00.00.0538 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

EPSS 0.00% · 0.2th percentile

Risk Scores

CVSS 3.1

6.699999809265137

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

EPSS Score

0.00%

0.2th percentile

Affected Products

Vendor	Product	Versions
n/a	Intel(R) Optane(TM) PMem management software	See references

Exploit Intelligence

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01323.html (circl)

Timeline

Jan 30, 2025 CVE ID Reserved
Feb 10, 2026 CVE Published
Feb 11, 2026 EPSS Score
Feb 11, 2026 CVE Updated
Feb 13, 2026 EPSS Score
Feb 15, 2026 EPSS Score
Feb 17, 2026 EPSS Score
Feb 19, 2026 EPSS Score
Feb 21, 2026 EPSS Score
Feb 23, 2026 EPSS Score
Feb 25, 2026 EPSS Score
Feb 27, 2026 EPSS Score

References

Open in Interactive Console →