CVE-2025-22895 is a medium-severity information disclosure vulnerability affecting the Edge Orchestrator software component of the Intel(R) Tiber™ Edge Platform. This vulnerability allows an authenticated user with local access and low privileges to potentially disclose sensitive information due to insufficient access controls or improper handling of sensitive data within the Edge Orchestrator software. The vulnerability does not require user interaction beyond authentication, and it is exploitable only via local access, limiting the attack vector to users who already have some level of access to the system. The CVSS 4.0 vector (AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N) indicates that the attack requires low complexity and low privileges but no user interaction, with limited impact on confidentiality (low), and no impact on integrity or availability. The vulnerability is specific to Intel's Edge Orchestrator software, which manages edge computing resources on the Intel Tiber Edge Platform, a solution designed for distributed computing environments at the network edge. Since the vulnerability involves information disclosure, it could expose sensitive operational or configuration data that may aid an attacker in further attacks or compromise of the edge platform. No known exploits are reported in the wild yet, and no patches or mitigations have been explicitly linked in the provided information. The vulnerability was reserved in January 2025 and published in May 2025, indicating recent discovery and disclosure.

For European organizations deploying Intel Tiber Edge Platforms, particularly those relying on Edge Orchestrator software for managing edge computing workloads, this vulnerability could lead to unauthorized disclosure of sensitive information such as configuration details, credentials, or operational data. This exposure could facilitate lateral movement or escalation by malicious insiders or attackers who have gained limited local access. Given the increasing adoption of edge computing in sectors like manufacturing, telecommunications, energy, and critical infrastructure across Europe, the confidentiality breach could undermine operational security and data privacy compliance, especially under GDPR. Although the vulnerability requires authenticated local access, insider threats or attackers exploiting other vulnerabilities to gain initial access could leverage this flaw to gather intelligence on the system. The limited scope and medium severity reduce the risk of widespread disruption but do not eliminate the potential for targeted attacks on critical edge deployments in Europe.

European organizations should implement strict access controls to limit local access to systems running the Intel Tiber Edge Platform and its Edge Orchestrator software. This includes enforcing the principle of least privilege for user accounts and regularly auditing local user permissions. Network segmentation and endpoint security controls should be used to prevent unauthorized lateral movement to edge devices. Organizations should monitor for unusual local access patterns and implement logging and alerting on access to the Edge Orchestrator software. Since no patch information is provided, organizations should maintain close contact with Intel for updates and apply any forthcoming patches promptly. Additionally, hardening the underlying operating system and employing application whitelisting can reduce the risk of exploitation. Where possible, multi-factor authentication for local access should be enforced to raise the barrier for attackers. Finally, conducting regular security assessments and penetration testing focused on edge computing environments will help identify and remediate related weaknesses.