Medium severity5.6NVD Advisory· Published Nov 11, 2025· Updated Apr 15, 2026

CVE-2025-24512

Description

Improper input validation for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Authorized adversary with an authenticated user combined with a high complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (low) impacts.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Improper input validation in Intel PROSet/Wireless WiFi drivers allows a local authenticated attacker to cause denial of service.

CVE-2025-24512 describes an improper input validation vulnerability in Intel PROSet/Wireless WiFi Software for Windows, specifically within Ring 2: Device Drivers, affecting versions before 23.160 [1]. This flaw arises from insufficient validation of input data, which can be triggered through local access.

To exploit this vulnerability, an adversary must be an authenticated user with special internal knowledge and perform a high complexity attack. The attack requires no user interaction and is conducted locally [1]. The prerequisites make it less likely for widespread exploitation but still pose a risk in environments where attackers have already gained user-level access.

Successful exploitation leads to a denial of service condition, impacting system availability with high severity. Confidentiality and integrity remain unaffected. The subsequent impact on system availability is rated low, likely due to recovery mechanisms or limited scope [1].

Intel has addressed this vulnerability in PROSet/Wireless WiFi Software version 23.160 and later. Users are advised to update their drivers to the latest version to mitigate the risk [1].

References

INTEL-SA-01398

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Intel/Proset\/wireless Software And Driversllm-fuzzy
Range: <23.160

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

intel.com/content/www/us/en/security-center/advisory/intel-sa-01398.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.364
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000