CVE-2025-27576 is a vulnerability identified in the Edge Orchestrator software used on the Intel® Tiber™ Edge Platform, affecting versions prior to 24.11.1. The issue involves uncontrolled resource consumption, which can be triggered by an unauthenticated user with local access to the system. This vulnerability allows an attacker to cause a denial of service (DoS) condition by exhausting system resources, potentially leading to service disruption or system instability. The vulnerability does not require authentication or user interaction but does require local access, limiting the attack vector to users or processes already present on the device or network segment. The CVSS 4.0 base score is 2.9, indicating a low severity primarily due to the requirement for local access and high attack complexity. The vulnerability impacts availability but does not affect confidentiality or integrity. No known exploits are currently reported in the wild, and no patches or mitigation links are provided in the source data, suggesting that remediation may require updating to version 24.11.1 or later once available. The vulnerability is specific to Intel's Edge Orchestrator software on the Tiber Edge Platform, which is typically deployed in edge computing environments to manage distributed computing resources and workloads close to data sources or end users.

For European organizations utilizing Intel's Tiber Edge Platform with the affected Edge Orchestrator software, this vulnerability poses a risk of localized denial of service. The impact is primarily operational, as an attacker with local access could disrupt edge computing services, potentially affecting critical applications that rely on edge processing such as industrial automation, smart city infrastructure, or telecommunications. While the low severity and local access requirement reduce the likelihood of widespread disruption, organizations with sensitive or high-availability edge deployments could experience service interruptions, impacting business continuity and operational efficiency. The vulnerability does not compromise data confidentiality or integrity, but availability degradation could indirectly affect service-level agreements and user experience. Given the increasing adoption of edge computing in Europe, especially in sectors like manufacturing, energy, and transportation, the vulnerability warrants attention to maintain resilient edge infrastructure.

To mitigate this vulnerability, European organizations should prioritize upgrading the Edge Orchestrator software to version 24.11.1 or later as soon as it becomes available from Intel. Until a patch is applied, organizations should restrict local access to systems running the affected software by enforcing strict physical and network access controls, including limiting administrative privileges and using network segmentation to isolate edge devices. Monitoring resource usage on edge devices can help detect abnormal consumption patterns indicative of exploitation attempts. Implementing endpoint security solutions that can alert on unusual local activity may also reduce risk. Additionally, organizations should review and harden their edge computing environment configurations, ensuring minimal exposure to untrusted users or processes. Regularly auditing and updating edge platform software and firmware will help maintain security posture against emerging vulnerabilities.