CVE-2025-24921

Medium CVSS 6.6

Overview

Improper neutralization for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an unauthenticated user to potentially enable information disclosure via adjacent access.

CWE: CWE-707 Published: 2025-08-12T17:15:35.343

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 6.6 (MEDIUM)
Detected tags: info_leak, unauth_access (tag impact: HIGH)

Recommended actions:

Reduce verbose errors, remove debug endpoints, minimize PII in logs.
Enforce authentication/authorization; reduce default endpoint exposure.

Overview

Recommended tools

Tags