Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
3276 vulnerabilities by Intel
CERTFR-2026-AVI-0582
Vulnerability from certfr_avis - Published: 2026-05-13 - Updated: 2026-05-13
De multiples vulnérabilités ont été découvertes dans les produits Intel. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Intel | N/A | AI Playground versions antérieures à 3.0.0 alpha | ||
| Intel | N/A | pilotes NPU pour Linux versions antérieures à 1.26.0 | ||
| Intel | les processeurs Intel | Core i5-1145G7E/GRE | ||
| Intel | N/A | pilotes Display Virtualization pour windows versions antérieures à 2119 | ||
| Intel | N/A | pilotes Ethernet 800 Series pour Linuxversions antérieures à 2.3.14 | ||
| Intel | les processeurs Intel | Core i7-1185G7E/GRE | ||
| Intel | les processeurs Intel | Atom Processor E3900 Series | ||
| Intel | les processeurs Intel | Core i3-11100HE | ||
| Intel | les processeurs Intel | Core i3-1115GRE/G4E | ||
| Intel | les processeurs Intel | Xeon W-11865MLE/MRE | ||
| Intel | les processeurs Intel | 10th Generation Intel Core Processor Family | ||
| Intel | N/A | Connectivity Performance Suite versions antérieures à 50.25.1121.193 | ||
| Intel | les processeurs Intel | Core i5-11500HE | ||
| Intel | N/A | EMA versions antéieures à 1.14.5 | ||
| Intel | les processeurs Intel | Core Ultra 200S Series Processors | ||
| Intel | N/A | Server Firmware Update Utility versions antérieures à 16.0.12 | ||
| Intel | N/A | Vision toutes versions | ||
| Intel | les processeurs Intel | Panther Lake H 4P+8E+4LP_E+12Xe Product | ||
| Intel | les processeurs Intel | Core Ultra Processors (Series 3) | ||
| Intel | les processeurs Intel | Core i7-11850HE | ||
| Intel | les processeurs Intel | Celeron 6600HE/HLE | ||
| Intel | les processeurs Intel | Xeon Processor D Family | ||
| Intel | les processeurs Intel | Xeon W-11155MLE/MRE | ||
| Intel | les processeurs Intel | Core Ultra Processors (Series 2) | ||
| Intel | N/A | pilotes QAT pour Windows versions 1.x antérieures à 1.13 | ||
| Intel | les processeurs Intel | 5th Generation Xeon Scalable processor | ||
| Intel | les processeurs Intel | 11th Generation Intel Core Processor Family | ||
| Intel | les processeurs Intel | Xeon Processor E Family | ||
| Intel | les processeurs Intel | 4th Generation Xeon Scalable processor | ||
| Intel | N/A | pilotes QAT pour Windows versions 2.x antérieures à 2.6.0 | ||
| Intel | N/A | pilotes Data Center Graphics pour VMware ESXi versions antérieures à 2.0.2 | ||
| Intel | les processeurs Intel | Celeron 6305E/RE | ||
| Intel | N/A | pilotes NPU pour Windows versions antérieures à 32.0.100.4511 | ||
| Intel | les processeurs Intel | Core Ultra Family | ||
| Intel | les processeurs Intel | Celeron Processor Family | ||
| Intel | les processeurs Intel | Xeon W-11555MLE/MRE | ||
| Intel | les processeurs Intel | 12th Generation Intel Core Processor Family | ||
| Intel | les processeurs Intel | Pentium Gold Processor Family | ||
| Intel | les processeurs Intel | 13th Generation Intel Core Processor Family |
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "AI Playground versions ant\u00e9rieures \u00e0 3.0.0 alpha",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "pilotes NPU pour Linux versions ant\u00e9rieures \u00e0 1.26.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Core i5-1145G7E/GRE",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "pilotes Display Virtualization pour windows versions ant\u00e9rieures \u00e0 2119",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "pilotes Ethernet 800 Series pour Linuxversions ant\u00e9rieures \u00e0 2.3.14",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Core i7-1185G7E/GRE",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Atom Processor E3900 Series",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Core i3-11100HE",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Core i3-1115GRE/G4E",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Xeon W-11865MLE/MRE",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "10th Generation Intel Core Processor Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Connectivity Performance Suite versions ant\u00e9rieures \u00e0 50.25.1121.193",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Core i5-11500HE",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "EMA versions ant\u00e9ieures \u00e0 1.14.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": " Core Ultra 200S Series Processors",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Server Firmware Update Utility versions ant\u00e9rieures \u00e0 16.0.12",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Vision toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "\nPanther Lake H 4P+8E+4LP_E+12Xe Product",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Core Ultra Processors (Series 3) ",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Core i7-11850HE",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Celeron 6600HE/HLE",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Xeon Processor D Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Xeon W-11155MLE/MRE",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Core Ultra Processors (Series 2)",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "pilotes QAT pour Windows versions 1.x ant\u00e9rieures \u00e0 1.13",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": " 5th Generation Xeon Scalable processor",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "11th Generation Intel Core Processor Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Xeon Processor E Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "4th Generation Xeon Scalable processor",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "pilotes QAT pour Windows versions 2.x ant\u00e9rieures \u00e0 2.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "pilotes Data Center Graphics pour VMware ESXi versions ant\u00e9rieures \u00e0 2.0.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Celeron 6305E/RE",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "pilotes NPU pour Windows versions ant\u00e9rieures \u00e0 32.0.100.4511",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Core Ultra Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Celeron Processor Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Xeon W-11555MLE/MRE",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "12th Generation Intel Core Processor Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Pentium Gold Processor Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "13th Generation Intel Core Processor Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [],
"initial_release_date": "2026-05-13T00:00:00",
"last_revision_date": "2026-05-13T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0582",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-05-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
"vendor_advisories": [
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-01457",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01457.html"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-01387",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-01429",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01429.html"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-01410",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01410.html"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-01425",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01425.html"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-01426",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01426.html"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-01424",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01424.html"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-01413",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01413.html"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-01438",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01438.html"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-01402",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01402.html"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-01430",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01430.html"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-01420",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01420.html"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-01434",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01434.html"
}
]
}
CERTFR-2026-AVI-0261
Vulnerability from certfr_avis - Published: 2026-03-11 - Updated: 2026-03-11
De multiples vulnérabilités ont été découvertes dans les produits Intel. Elles permettent à un attaquant de provoquer une élévation de privilèges et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Intel | les processeurs Intel | Intel Xeon D processor Family | ||
| Intel | les processeurs Intel | Intel Core X-series Processors | ||
| Intel | les processeurs Intel | 8th Generation Intel Core Processor Family | ||
| Intel | les processeurs Intel | Intel Atom Processor X Series | ||
| Intel | les processeurs Intel | Intel Xeon W processor 2200 series | ||
| Intel | les processeurs Intel | Intel Xeon Scalable processor family | ||
| Intel | les processeurs Intel | Intel Atom Processors | ||
| Intel | les processeurs Intel | Intel Xeon 6 | ||
| Intel | les processeurs Intel | Intel Atom C5000 and P5000 Product Family | ||
| Intel | les processeurs Intel | 10th Generation Intel Core Processor Family | ||
| Intel | les processeurs Intel | Intel Xeon W processor 2100 series Intel Core X-series processor | ||
| Intel | les processeurs Intel | Intel Xeon Processor E7 v3 Family | ||
| Intel | les processeurs Intel | Intel Core Ultra Processors Series 1 | ||
| Intel | les processeurs Intel | 3rd Generation Intel Xeon Scalable Processor Family | ||
| Intel | les processeurs Intel | 7th Generation Intel Core Processor Family | ||
| Intel | les processeurs Intel | Intel Atom C processor Family | ||
| Intel | les processeurs Intel | 9th Generation Intel Core Processor Family | ||
| Intel | les processeurs Intel | Intel Xeon Processor D NS Family | ||
| Intel | les processeurs Intel | 5th Generation Intel Xeon Scalable Processors | ||
| Intel | les processeurs Intel | Intel Core Ultra Processors Series 2 | ||
| Intel | les processeurs Intel | 13th Generation Intel Core Processors | ||
| Intel | les processeurs Intel | 12th Generation Intel Core Processors | ||
| Intel | les processeurs Intel | Intel Xeon E processor family | ||
| Intel | les processeurs Intel | Intel Xeon Processor E5 v4 Family | ||
| Intel | les processeurs Intel | Intel Atom Processors P6000 | ||
| Intel | les processeurs Intel | 2nd Generation Intel Xeon Scalable Processors | ||
| Intel | les processeurs Intel | 1st Generation Intel Xeon Scalable processor | ||
| Intel | les processeurs Intel | 11th Generation Intel Core Processors | ||
| Intel | les processeurs Intel | 4th Generation Intel Xeon Scalable processors | ||
| Intel | les processeurs Intel | Intel Xeon W Processor Family | ||
| Intel | les processeurs Intel | Intel Xeon W processor 3100 series |
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Intel Xeon D processor Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Core X-series Processors",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "8th Generation Intel Core Processor Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Atom Processor X Series",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon W processor 2200 series",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon Scalable processor family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Atom Processors",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon 6",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Atom C5000 and P5000 Product Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "10th Generation Intel Core Processor Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon W processor 2100 series\n\nIntel Core X-series processor",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon Processor E7 v3 Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Core Ultra Processors Series 1",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "3rd Generation Intel Xeon Scalable Processor Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "7th Generation Intel Core Processor Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Atom C processor Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "9th Generation Intel Core Processor Family ",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon Processor D NS Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "5th Generation Intel Xeon Scalable Processors",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Core Ultra Processors Series 2",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "13th Generation Intel Core Processors\n\n",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "12th Generation Intel Core Processors",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon E processor family ",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon Processor E5 v4 Family ",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Atom Processors P6000",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "2nd Generation Intel Xeon Scalable Processors",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "1st Generation Intel Xeon Scalable processor",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "11th Generation Intel Core Processors",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "4th Generation Intel Xeon Scalable processors",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon W Processor Family",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Xeon W processor 3100 series",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-20068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20068"
},
{
"name": "CVE-2025-22850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22850"
},
{
"name": "CVE-2025-20005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20005"
},
{
"name": "CVE-2025-20027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20027"
},
{
"name": "CVE-2025-22444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22444"
},
{
"name": "CVE-2025-20105",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20105"
},
{
"name": "CVE-2025-20073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20073"
},
{
"name": "CVE-2025-20096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20096"
},
{
"name": "CVE-2025-20028",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20028"
},
{
"name": "CVE-2025-20064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20064"
}
],
"initial_release_date": "2026-03-11T00:00:00",
"last_revision_date": "2026-03-11T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0261",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-03-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
"vendor_advisories": [
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-01234",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01234.html"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-01393",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01393.html"
}
]
}
CERTFR-2026-AVI-0148
Vulnerability from certfr_avis - Published: 2026-02-11 - Updated: 2026-02-11
De multiples vulnérabilités ont été découvertes dans les produits Intel. Elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Intel | les processeurs Intel | Intel Optane PMem management software versions CR_MGMT_01.00.00.3584, CR_MGMT_02.00.00.4052, CR_MGMT_03.00.00.0538. | ||
| Intel | les processeurs Intel | AI Playground software versions antérieures à 2.6.1 beta. | ||
| Intel | les processeurs Intel | Intel Server Firmware Update Utility software versions antérieures à 16.0.12. | ||
| Intel | les processeurs Intel | BIOS and System Firmware Update Package (SFUP) for Windows and Linux for Intel Server M50FCP Family versions antérieures à R01.02.0004. | ||
| Intel | les processeurs Intel | Intel oneAPI Base Toolkits versions antérieures à 2025.0. | ||
| Intel | les processeurs Intel | Intel Server Chipset Driver Software versions antérieures à 10.1.20266.8668 for Windows for Intel Server Boards and Systems Based on Intel 741 Chipset. | ||
| Intel | les processeurs Intel | Intel Battery Life Diagnostic Tool software versions antérieures à 2.7. | ||
| Intel | les processeurs Intel | ESXi base driver (icen) for Intel 800 Series Ethernet versions antérieures à 2.2.2.0 (ESXi 8.0). ESXi base driver (icen) for Intel 800 Series Ethernet versions antérieures à 2.2.3.0 (ESXi 9.0). | ||
| Intel | les processeurs Intel | Intel Server Board D50TNP Family BIOS and System Firmware Update Package (SFUP) for Windows and Linux versions antérieures à R01.01.0010. | ||
| Intel | les processeurs Intel | Intel Server Board M50CYP Family BIOS and System Firmware Update Package (SFUP) for Windows and Linux versions antérieures à R01.01.0010. | ||
| Intel | les processeurs Intel | BIOS and System Firmware Update Package (SFUP) for Windows and Linux for Intel Server D50DNP Family versions antérieures à R01.02.0004. | ||
| Intel | les processeurs Intel | Intel MAS software versions antérieures à 2.5.2 | ||
| Intel | les processeurs Intel | System Firmware Update Utility (SysFwUpdt) for Intel Server Boards and Intel Server Systems Based versions antérieures à 16.0.12. | ||
| Intel | les processeurs Intel | VTune Profiler software versions antérieures à 2025.0. | ||
| Intel | les processeurs Intel | Intel Ethernet Adapters 800 Series Controllers and associated adapters versions 30.3 or later. |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Intel Optane PMem management software versions CR_MGMT_01.00.00.3584, CR_MGMT_02.00.00.4052, CR_MGMT_03.00.00.0538.",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "AI Playground software versions ant\u00e9rieures \u00e0 2.6.1 beta.",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Server Firmware Update Utility software versions ant\u00e9rieures \u00e0 16.0.12.",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "BIOS and System Firmware Update Package (SFUP) for Windows and Linux for Intel Server M50FCP Family versions ant\u00e9rieures \u00e0 R01.02.0004.",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel oneAPI Base Toolkits versions ant\u00e9rieures \u00e0 2025.0.",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Server Chipset Driver Software versions ant\u00e9rieures \u00e0 10.1.20266.8668 for Windows for Intel Server Boards and Systems Based on Intel 741 Chipset.",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Battery Life Diagnostic Tool software versions ant\u00e9rieures \u00e0 2.7.",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "ESXi base driver (icen) for Intel 800 Series Ethernet versions ant\u00e9rieures \u00e0 2.2.2.0 (ESXi 8.0).\n\nESXi base driver (icen) for Intel 800 Series Ethernet versions ant\u00e9rieures \u00e0 2.2.3.0 (ESXi 9.0).",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Server Board D50TNP Family BIOS and System Firmware Update Package (SFUP) for Windows and Linux versions ant\u00e9rieures \u00e0 R01.01.0010.",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Server Board M50CYP Family BIOS and System Firmware Update Package (SFUP) for Windows and Linux versions ant\u00e9rieures \u00e0 R01.01.0010.",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "BIOS and System Firmware Update Package (SFUP) for Windows and Linux for Intel Server D50DNP Family versions ant\u00e9rieures \u00e0 R01.02.0004.",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel MAS software versions ant\u00e9rieures \u00e0 2.5.2",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "System Firmware Update Utility (SysFwUpdt) for Intel Server Boards and Intel Server Systems Based versions ant\u00e9rieures \u00e0 16.0.12.",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "VTune Profiler software versions ant\u00e9rieures \u00e0 2025.0.",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Ethernet Adapters 800 Series Controllers and associated adapters versions 30.3 or later.\n\n",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-25058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25058"
},
{
"name": "CVE-2025-31944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31944"
},
{
"name": "CVE-2025-22453",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22453"
},
{
"name": "CVE-2025-32007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32007"
},
{
"name": "CVE-2025-33030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33030"
},
{
"name": "CVE-2025-32003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32003"
},
{
"name": "CVE-2025-32735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32735"
},
{
"name": "CVE-2025-31655",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31655"
},
{
"name": "CVE-2025-32739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32739"
},
{
"name": "CVE-2025-27940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27940"
},
{
"name": "CVE-2025-32008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32008"
},
{
"name": "CVE-2025-35992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-35992"
},
{
"name": "CVE-2025-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27535"
},
{
"name": "CVE-2025-25210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25210"
},
{
"name": "CVE-2025-27243",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27243"
},
{
"name": "CVE-2025-35998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-35998"
},
{
"name": "CVE-2025-35999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-35999"
},
{
"name": "CVE-2025-31648",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31648"
},
{
"name": "CVE-2025-32467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32467"
},
{
"name": "CVE-2025-20080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20080"
},
{
"name": "CVE-2025-27572",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27572"
},
{
"name": "CVE-2025-20106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20106"
},
{
"name": "CVE-2025-36511",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36511"
},
{
"name": "CVE-2025-32452",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32452"
},
{
"name": "CVE-2025-22849",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22849"
},
{
"name": "CVE-2025-32453",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32453"
},
{
"name": "CVE-2025-22885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22885"
},
{
"name": "CVE-2025-32092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32092"
},
{
"name": "CVE-2025-36522",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36522"
},
{
"name": "CVE-2025-30513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30513"
},
{
"name": "CVE-2025-27708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27708"
},
{
"name": "CVE-2025-20070",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20070"
},
{
"name": "CVE-2025-24851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24851"
},
{
"name": "CVE-2025-30508",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30508"
},
{
"name": "CVE-2025-27560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27560"
}
],
"initial_release_date": "2026-02-11T00:00:00",
"last_revision_date": "2026-02-11T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0148",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-02-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
"vendor_advisories": [
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01323",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01323.html"
},
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01414",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01414.html"
},
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01315",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01315.html"
},
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01408",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01408.html"
},
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01401",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01401.html"
},
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01396",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01396.html"
},
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01171",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01171.html"
},
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01403",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01403.html"
},
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01406",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01406.html"
},
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01265",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01265.html"
},
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01412",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01412.html"
},
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01385",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01385.html"
},
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01397",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01397.html"
},
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01314",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01314.html"
},
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01325",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01325.html"
},
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01411",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01411.html"
},
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01415",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01415.html"
},
{
"published_at": "2026-02-10",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01399",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01399.html"
}
]
}
CVE-2026-20767 (GCVE-0-2026-20767)
Vulnerability from nvd – Published: 2026-05-12 17:33 – Updated: 2026-05-13 03:58- Escalation of Privilege
- CWE-20 - Improper Input Validation
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) QAT software drivers for Windows |
Affected:
before version 1.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20767",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T03:58:43.491Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) QAT software drivers for Windows",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:33:02.281Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2026-20767",
"datePublished": "2026-05-12T17:33:02.281Z",
"dateReserved": "2025-12-04T04:00:32.808Z",
"dateUpdated": "2026-05-13T03:58:43.491Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20714 (GCVE-0-2026-20714)
Vulnerability from nvd – Published: 2026-05-12 17:31 – Updated: 2026-05-13 03:58- Escalation of Privilege
- CWE-787 - Out-of-bounds Write
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) QAT software drivers for Windows |
Affected:
before version 1.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20714",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T03:58:41.980Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) QAT software drivers for Windows",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en"
},
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:31:55.276Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2026-20714",
"datePublished": "2026-05-12T17:31:55.276Z",
"dateReserved": "2025-12-04T04:00:32.877Z",
"dateUpdated": "2026-05-13T03:58:41.980Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20914 (GCVE-0-2026-20914)
Vulnerability from nvd – Published: 2026-05-12 16:35 – Updated: 2026-05-12 17:07- Denial of Service
- CWE-476 - NULL Pointer Dereference
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) QAT software drivers for Windows |
Affected:
before version 2.6.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20914",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T17:00:05.590214Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:07:03.241Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) QAT software drivers for Windows",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.6.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Null pointer dereference for some Intel(R) QAT software drivers for Windows before version 2.6.0 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en"
},
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T16:35:01.200Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2026-20914",
"datePublished": "2026-05-12T16:35:01.200Z",
"dateReserved": "2025-12-04T04:00:32.755Z",
"dateUpdated": "2026-05-12T17:07:03.241Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20905 (GCVE-0-2026-20905)
Vulnerability from nvd – Published: 2026-05-12 16:34 – Updated: 2026-05-12 17:07- Denial of Service
- CWE-20 - Improper Input Validation
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) QAT software drivers for Windows |
Affected:
before version 2.6
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20905",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T17:00:17.369467Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:07:11.535Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) QAT software drivers for Windows",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation for some Intel(R) QAT software drivers for Windows before version 2.6 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (low) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T16:34:58.654Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2026-20905",
"datePublished": "2026-05-12T16:34:58.654Z",
"dateReserved": "2025-12-04T04:00:32.867Z",
"dateUpdated": "2026-05-12T17:07:11.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20881 (GCVE-0-2026-20881)
Vulnerability from nvd – Published: 2026-05-12 16:34 – Updated: 2026-05-12 17:17- Denial of Service
- CWE-369 - Divide By Zero
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) QAT software drivers for Windows |
Affected:
before version 1.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20881",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T17:11:53.010628Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:17:23.966Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) QAT software drivers for Windows",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Divide by zero for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en"
},
{
"cweId": "CWE-369",
"description": "Divide By Zero",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T16:34:54.155Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2026-20881",
"datePublished": "2026-05-12T16:34:54.155Z",
"dateReserved": "2025-12-04T04:00:32.822Z",
"dateUpdated": "2026-05-12T17:17:23.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20793 (GCVE-0-2026-20793)
Vulnerability from nvd – Published: 2026-05-12 16:34 – Updated: 2026-05-12 17:17- Denial of Service
- CWE-252 - Unchecked Return Value
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) QAT software drivers for Windows |
Affected:
before version 1.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20793",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T17:15:04.880732Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:17:53.718Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) QAT software drivers for Windows",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unchecked return value for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (low) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en"
},
{
"cweId": "CWE-252",
"description": "Unchecked Return Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T16:34:47.313Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2026-20793",
"datePublished": "2026-05-12T16:34:47.313Z",
"dateReserved": "2025-12-09T04:00:18.763Z",
"dateUpdated": "2026-05-12T17:17:53.718Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20782 (GCVE-0-2026-20782)
Vulnerability from nvd – Published: 2026-05-12 16:34 – Updated: 2026-05-12 17:18- Denial of Service
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) QAT software drivers for Windows |
Affected:
before version 1.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20782",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T17:15:13.504191Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:18:02.848Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) QAT software drivers for Windows",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (low) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en"
},
{
"cweId": "CWE-120",
"description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T16:34:44.738Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2026-20782",
"datePublished": "2026-05-12T16:34:44.738Z",
"dateReserved": "2025-12-04T04:00:32.846Z",
"dateUpdated": "2026-05-12T17:18:02.848Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20771 (GCVE-0-2026-20771)
Vulnerability from nvd – Published: 2026-05-12 16:34 – Updated: 2026-05-12 17:18- Denial of Service
- CWE-476 - NULL Pointer Dereference
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) QAT software drivers for Windows |
Affected:
before version 1.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20771",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T17:15:54.802696Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:18:23.761Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) QAT software drivers for Windows",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Null pointer dereference for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en"
},
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T16:34:40.333Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2026-20771",
"datePublished": "2026-05-12T16:34:40.333Z",
"dateReserved": "2025-12-04T04:00:32.831Z",
"dateUpdated": "2026-05-12T17:18:23.761Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20717 (GCVE-0-2026-20717)
Vulnerability from nvd – Published: 2026-05-12 16:34 – Updated: 2026-05-12 17:04- Denial of Service
- CWE-20 - Improper Input Validation
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) QAT software drivers for Windows |
Affected:
before version 1.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20717",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T17:02:29.098032Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:04:15.847Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) QAT software drivers for Windows",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (low) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T16:34:23.835Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2026-20717",
"datePublished": "2026-05-12T16:34:23.835Z",
"dateReserved": "2025-12-09T04:00:18.741Z",
"dateUpdated": "2026-05-12T17:04:15.847Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-32739 (GCVE-0-2025-32739)
Vulnerability from nvd – Published: 2026-02-10 16:25 – Updated: 2026-02-10 17:31- Denial of Service
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) Graphics Drivers and Intel LTS kernels |
Affected:
See references
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32739",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T17:31:46.920447Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T17:31:52.116Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Graphics Drivers and Intel LTS kernels",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper conditions check in some firmware for some Intel(R) Graphics Drivers and Intel LTS kernels within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (low) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 2,
"baseSeverity": "LOW",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en"
},
{
"cweId": "CWE-754",
"description": "Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T16:25:55.444Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01385.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01385.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-32739",
"datePublished": "2026-02-10T16:25:55.444Z",
"dateReserved": "2025-04-15T21:11:09.799Z",
"dateUpdated": "2026-02-10T17:31:52.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-32092 (GCVE-0-2025-32092)
Vulnerability from nvd – Published: 2026-02-10 16:25 – Updated: 2026-02-26 15:04- Escalation of Privilege
- CWE-277 - Insecure Inherited Permissions
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) Graphics Software |
Affected:
before version 25.30.1702.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32092",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-11T04:56:27.514033Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:04:09.346Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Graphics Software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 25.30.1702.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insecure inherited permissions for some Intel(R) Graphics Software before version 25.30.1702.0 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en"
},
{
"cweId": "CWE-277",
"description": "Insecure Inherited Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T16:25:46.732Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01385.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01385.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-32092",
"datePublished": "2026-02-10T16:25:46.732Z",
"dateReserved": "2025-04-15T21:18:44.523Z",
"dateUpdated": "2026-02-26T15:04:09.346Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-14625 (GCVE-0-2025-14625)
Vulnerability from nvd – Published: 2026-01-06 21:42 – Updated: 2026-01-28 22:28- CWE-427 - Uncontrolled Search Path Element
| Vendor | Product | Version | |
|---|---|---|---|
| Altera | Quartus Prime Standard |
Affected:
19.1 , ≤ 24.1
(custom)
|
|
| Altera | Quartus Prime Lite |
Affected:
19.1 , ≤ 24.1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-14625",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-06T21:49:26.029382Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T21:49:33.995Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Nios II Command Shell"
],
"platforms": [
"Windows"
],
"product": "Quartus Prime Standard",
"vendor": "Altera",
"versions": [
{
"lessThanOrEqual": "24.1",
"status": "affected",
"version": "19.1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"Nios II Command Shell"
],
"platforms": [
"Windows"
],
"product": "Quartus Prime Lite",
"vendor": "Altera",
"versions": [
{
"lessThanOrEqual": "24.1",
"status": "affected",
"version": "19.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:altera:quartus_prime_standard:*:*:windows:*:*:*:*:*",
"versionEndIncluding": "24.1",
"versionStartIncluding": "19.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:altera:quartus_prime_lite:*:*:windows:*:*:*:*:*",
"versionEndIncluding": "24.1",
"versionStartIncluding": "19.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard on Windows (Nios II Command Shell modules), Altera Quartus Prime Lite on Windows (Nios II Command Shell modules) allows Search Order Hijacking.\u003cp\u003eThis issue affects Quartus Prime Standard: from 19.1 through 24.1; Quartus Prime Lite: from 19.1 through 24.1.\u003c/p\u003e"
}
],
"value": "Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard on Windows (Nios II Command Shell modules), Altera Quartus Prime Lite on Windows (Nios II Command Shell modules) allows Search Order Hijacking.This issue affects Quartus Prime Standard: from 19.1 through 24.1; Quartus Prime Lite: from 19.1 through 24.1."
}
],
"impacts": [
{
"capecId": "CAPEC-471",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-471 Search Order Hijacking"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-28T22:28:10.748Z",
"orgId": "04c0172e-9735-4a9d-a92a-fe01fa863447",
"shortName": "Altera"
},
"references": [
{
"url": "https://www.altera.com/security/security-advisory/asa-0005"
},
{
"url": "https://community.altera.com/kb/knowledge-base/how-to-mitigate-the-security-vulnerability-in-the-nios%C2%AE-ii-command-shell-utility/350185"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Quartus\u00ae Prime Standard and Quartus\u00ae Prime Lite Security Advisory",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "04c0172e-9735-4a9d-a92a-fe01fa863447",
"assignerShortName": "Altera",
"cveId": "CVE-2025-14625",
"datePublished": "2026-01-06T21:42:28.480Z",
"dateReserved": "2025-12-12T21:06:52.874Z",
"dateUpdated": "2026-01-28T22:28:10.748Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-14614 (GCVE-0-2025-14614)
Vulnerability from nvd – Published: 2026-01-06 21:38 – Updated: 2026-01-06 21:49- CWE-377 - Insecure Temporary File
| Vendor | Product | Version | |
|---|---|---|---|
| Altera | Quartus Prime Standard |
Affected:
23.1 , ≤ 24.1
(custom)
|
|
| Altera | Quartus Prime Lite |
Affected:
23.1 , ≤ 24.1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-14614",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-06T21:48:49.532347Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T21:49:00.340Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Installer"
],
"platforms": [
"Windows"
],
"product": "Quartus Prime Standard",
"vendor": "Altera",
"versions": [
{
"lessThanOrEqual": "24.1",
"status": "affected",
"version": "23.1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"Installer"
],
"platforms": [
"Windows"
],
"product": "Quartus Prime Lite",
"vendor": "Altera",
"versions": [
{
"lessThanOrEqual": "24.1",
"status": "affected",
"version": "23.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:altera:quartus_prime_standard:*:*:windows:*:*:*:*:*",
"versionEndIncluding": "24.1",
"versionStartIncluding": "23.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:altera:quartus_prime_lite:*:*:windows:*:*:*:*:*",
"versionEndIncluding": "24.1",
"versionStartIncluding": "23.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insecure Temporary File vulnerability in Altera Quartus Prime Standard\u0026nbsp;\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInstaller (SFX)\u003c/span\u003e\n\n on Windows, Altera Quartus Prime Lite\u0026nbsp;\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInstaller (SFX)\u003c/span\u003e\n\n on Windows allows Explore for Predictable Temporary File Names.\u003cp\u003eThis issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1.\u003c/p\u003e"
}
],
"value": "Insecure Temporary File vulnerability in Altera Quartus Prime Standard\u00a0\n\nInstaller (SFX)\n\n on Windows, Altera Quartus Prime Lite\u00a0\n\nInstaller (SFX)\n\n on Windows allows Explore for Predictable Temporary File Names.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1."
}
],
"impacts": [
{
"capecId": "CAPEC-149",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-149 Explore for Predictable Temporary File Names"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-377",
"description": "CWE-377: Insecure Temporary File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T21:38:05.375Z",
"orgId": "04c0172e-9735-4a9d-a92a-fe01fa863447",
"shortName": "Altera"
},
"references": [
{
"url": "https://www.altera.com/security/security-advisory/asa-0005"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Quartus\u00ae Prime Standard and Quartus\u00ae Prime Lite Security Advisory",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "04c0172e-9735-4a9d-a92a-fe01fa863447",
"assignerShortName": "Altera",
"cveId": "CVE-2025-14614",
"datePublished": "2026-01-06T21:38:05.375Z",
"dateReserved": "2025-12-12T20:46:03.303Z",
"dateUpdated": "2026-01-06T21:49:00.340Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-14612 (GCVE-0-2025-14612)
Vulnerability from nvd – Published: 2026-01-06 21:24 – Updated: 2026-01-07 16:56- CWE-377 - Insecure Temporary File
| Vendor | Product | Version | |
|---|---|---|---|
| Altera | Quartus Prime Pro |
Affected:
24.1 , ≤ 25.1.1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-14612",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-07T16:56:03.412462Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T16:56:08.645Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Installer"
],
"platforms": [
"Windows"
],
"product": "Quartus Prime Pro",
"vendor": "Altera",
"versions": [
{
"lessThanOrEqual": "25.1.1",
"status": "affected",
"version": "24.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:altera:quartus_prime_pro:*:*:windows:*:*:*:*:*",
"versionEndIncluding": "25.1.1",
"versionStartIncluding": "24.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insecure Temporary File vulnerability in Altera Quartus Prime Pro\u0026nbsp;\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInstaller (SFX)\u003c/span\u003e\n\n on Windows allows : Use of Predictable File Names.\u003cp\u003eThis issue affects Quartus Prime Pro: from 24.1 through 25.1.1.\u003c/p\u003e"
}
],
"value": "Insecure Temporary File vulnerability in Altera Quartus Prime Pro\u00a0\n\nInstaller (SFX)\n\n on Windows allows : Use of Predictable File Names.This issue affects Quartus Prime Pro: from 24.1 through 25.1.1."
}
],
"impacts": [
{
"capecId": "CAPEC-149",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-149 Explore for Predictable Temporary File Names"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-377",
"description": "CWE-377: Insecure Temporary File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T21:38:58.670Z",
"orgId": "04c0172e-9735-4a9d-a92a-fe01fa863447",
"shortName": "Altera"
},
"references": [
{
"url": "https://www.altera.com/security/security-advisory/asa-0004"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Quartus Prime Pro Edition Advisory",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "04c0172e-9735-4a9d-a92a-fe01fa863447",
"assignerShortName": "Altera",
"cveId": "CVE-2025-14612",
"datePublished": "2026-01-06T21:24:33.025Z",
"dateReserved": "2025-12-12T20:34:39.402Z",
"dateUpdated": "2026-01-07T16:56:08.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-14605 (GCVE-0-2025-14605)
Vulnerability from nvd – Published: 2026-01-06 21:15 – Updated: 2026-01-07 16:55- CWE-427 - Uncontrolled Search Path Element
| Vendor | Product | Version | |
|---|---|---|---|
| Altera | Quartus Prime Pro |
Affected:
17.0 , ≤ 25.1.1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-14605",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-07T16:55:19.083370Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T16:55:28.143Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"System Console"
],
"platforms": [
"Windows"
],
"product": "Quartus Prime Pro",
"vendor": "Altera",
"versions": [
{
"lessThanOrEqual": "25.1.1",
"status": "affected",
"version": "17.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:altera:quartus_prime_pro:*:*:windows:*:*:*:*:*",
"versionEndIncluding": "25.1.1",
"versionStartIncluding": "17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro on Windows (System Console modules) allows Search Order Hijacking.\u003cp\u003eThis issue affects Quartus Prime Pro: from 17.0 through 25.1.1.\u003c/p\u003e"
}
],
"value": "Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro on Windows (System Console modules) allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 17.0 through 25.1.1."
}
],
"impacts": [
{
"capecId": "CAPEC-471",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-471 Search Order Hijacking"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T21:17:02.552Z",
"orgId": "04c0172e-9735-4a9d-a92a-fe01fa863447",
"shortName": "Altera"
},
"references": [
{
"url": "https://www.altera.com/security/security-advisory/asa-0004"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Quartus Prime Pro Edition Advisory",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "04c0172e-9735-4a9d-a92a-fe01fa863447",
"assignerShortName": "Altera",
"cveId": "CVE-2025-14605",
"datePublished": "2026-01-06T21:15:56.664Z",
"dateReserved": "2025-12-12T19:11:15.340Z",
"dateUpdated": "2026-01-07T16:55:28.143Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-14599 (GCVE-0-2025-14599)
Vulnerability from nvd – Published: 2026-01-06 21:30 – Updated: 2026-01-06 21:47- CWE-427 - Uncontrolled Search Path Element
| Vendor | Product | Version | |
|---|---|---|---|
| Altera | Quartus Prime Standard |
Affected:
23.1 , ≤ 24.1
(custom)
|
|
| Altera | Quartus Prime Lite |
Affected:
23.1 , ≤ 24.1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-14599",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-06T21:46:59.180090Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T21:47:08.534Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Installer"
],
"platforms": [
"Windows"
],
"product": "Quartus Prime Standard",
"vendor": "Altera",
"versions": [
{
"lessThanOrEqual": "24.1",
"status": "affected",
"version": "23.1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"Installer"
],
"product": "Quartus Prime Lite",
"vendor": "Altera",
"versions": [
{
"lessThanOrEqual": "24.1",
"status": "affected",
"version": "23.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:altera:quartus_prime_standard:*:*:windows:*:*:*:*:*",
"versionEndIncluding": "24.1",
"versionStartIncluding": "23.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:altera:quartus_prime_lite:*:*:*:*:*:*:*:*",
"versionEndIncluding": "24.1",
"versionStartIncluding": "23.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInstaller (SFX)\u003c/span\u003e\n\non Windows, Altera Quartus Prime Lite\u0026nbsp;\n\nInstaller (SFX)\n\n on Windows allows Search Order Hijacking.\u003cp\u003eThis issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1.\u003c/p\u003e"
}
],
"value": "Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard \n\nInstaller (SFX)\n\non Windows, Altera Quartus Prime Lite\u00a0\n\nInstaller (SFX)\n\n on Windows allows Search Order Hijacking.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1."
}
],
"impacts": [
{
"capecId": "CAPEC-471",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-471 Search Order Hijacking"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427: Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T21:30:14.128Z",
"orgId": "04c0172e-9735-4a9d-a92a-fe01fa863447",
"shortName": "Altera"
},
"references": [
{
"url": "https://www.altera.com/security/security-advisory/asa-0005"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Quartus\u00ae Prime Standard and Quartus\u00ae Prime Lite Security Advisory",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "04c0172e-9735-4a9d-a92a-fe01fa863447",
"assignerShortName": "Altera",
"cveId": "CVE-2025-14599",
"datePublished": "2026-01-06T21:30:14.128Z",
"dateReserved": "2025-12-12T18:24:32.099Z",
"dateUpdated": "2026-01-06T21:47:08.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20767 (GCVE-0-2026-20767)
Vulnerability from cvelistv5 – Published: 2026-05-12 17:33 – Updated: 2026-05-13 03:58- Escalation of Privilege
- CWE-20 - Improper Input Validation
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) QAT software drivers for Windows |
Affected:
before version 1.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20767",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T03:58:43.491Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) QAT software drivers for Windows",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:33:02.281Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2026-20767",
"datePublished": "2026-05-12T17:33:02.281Z",
"dateReserved": "2025-12-04T04:00:32.808Z",
"dateUpdated": "2026-05-13T03:58:43.491Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20714 (GCVE-0-2026-20714)
Vulnerability from cvelistv5 – Published: 2026-05-12 17:31 – Updated: 2026-05-13 03:58- Escalation of Privilege
- CWE-787 - Out-of-bounds Write
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) QAT software drivers for Windows |
Affected:
before version 1.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20714",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T03:58:41.980Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) QAT software drivers for Windows",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en"
},
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:31:55.276Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2026-20714",
"datePublished": "2026-05-12T17:31:55.276Z",
"dateReserved": "2025-12-04T04:00:32.877Z",
"dateUpdated": "2026-05-13T03:58:41.980Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20914 (GCVE-0-2026-20914)
Vulnerability from cvelistv5 – Published: 2026-05-12 16:35 – Updated: 2026-05-12 17:07- Denial of Service
- CWE-476 - NULL Pointer Dereference
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) QAT software drivers for Windows |
Affected:
before version 2.6.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20914",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T17:00:05.590214Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:07:03.241Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) QAT software drivers for Windows",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.6.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Null pointer dereference for some Intel(R) QAT software drivers for Windows before version 2.6.0 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en"
},
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T16:35:01.200Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2026-20914",
"datePublished": "2026-05-12T16:35:01.200Z",
"dateReserved": "2025-12-04T04:00:32.755Z",
"dateUpdated": "2026-05-12T17:07:03.241Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20905 (GCVE-0-2026-20905)
Vulnerability from cvelistv5 – Published: 2026-05-12 16:34 – Updated: 2026-05-12 17:07- Denial of Service
- CWE-20 - Improper Input Validation
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) QAT software drivers for Windows |
Affected:
before version 2.6
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20905",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T17:00:17.369467Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:07:11.535Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) QAT software drivers for Windows",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation for some Intel(R) QAT software drivers for Windows before version 2.6 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (low) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T16:34:58.654Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2026-20905",
"datePublished": "2026-05-12T16:34:58.654Z",
"dateReserved": "2025-12-04T04:00:32.867Z",
"dateUpdated": "2026-05-12T17:07:11.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20881 (GCVE-0-2026-20881)
Vulnerability from cvelistv5 – Published: 2026-05-12 16:34 – Updated: 2026-05-12 17:17- Denial of Service
- CWE-369 - Divide By Zero
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) QAT software drivers for Windows |
Affected:
before version 1.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20881",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T17:11:53.010628Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:17:23.966Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) QAT software drivers for Windows",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Divide by zero for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en"
},
{
"cweId": "CWE-369",
"description": "Divide By Zero",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T16:34:54.155Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2026-20881",
"datePublished": "2026-05-12T16:34:54.155Z",
"dateReserved": "2025-12-04T04:00:32.822Z",
"dateUpdated": "2026-05-12T17:17:23.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20793 (GCVE-0-2026-20793)
Vulnerability from cvelistv5 – Published: 2026-05-12 16:34 – Updated: 2026-05-12 17:17- Denial of Service
- CWE-252 - Unchecked Return Value
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) QAT software drivers for Windows |
Affected:
before version 1.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20793",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T17:15:04.880732Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:17:53.718Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) QAT software drivers for Windows",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unchecked return value for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (low) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en"
},
{
"cweId": "CWE-252",
"description": "Unchecked Return Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T16:34:47.313Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2026-20793",
"datePublished": "2026-05-12T16:34:47.313Z",
"dateReserved": "2025-12-09T04:00:18.763Z",
"dateUpdated": "2026-05-12T17:17:53.718Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20782 (GCVE-0-2026-20782)
Vulnerability from cvelistv5 – Published: 2026-05-12 16:34 – Updated: 2026-05-12 17:18- Denial of Service
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) QAT software drivers for Windows |
Affected:
before version 1.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20782",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T17:15:13.504191Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:18:02.848Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) QAT software drivers for Windows",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (low) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en"
},
{
"cweId": "CWE-120",
"description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T16:34:44.738Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2026-20782",
"datePublished": "2026-05-12T16:34:44.738Z",
"dateReserved": "2025-12-04T04:00:32.846Z",
"dateUpdated": "2026-05-12T17:18:02.848Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20771 (GCVE-0-2026-20771)
Vulnerability from cvelistv5 – Published: 2026-05-12 16:34 – Updated: 2026-05-12 17:18- Denial of Service
- CWE-476 - NULL Pointer Dereference
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) QAT software drivers for Windows |
Affected:
before version 1.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20771",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T17:15:54.802696Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:18:23.761Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) QAT software drivers for Windows",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Null pointer dereference for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en"
},
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T16:34:40.333Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2026-20771",
"datePublished": "2026-05-12T16:34:40.333Z",
"dateReserved": "2025-12-04T04:00:32.831Z",
"dateUpdated": "2026-05-12T17:18:23.761Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20717 (GCVE-0-2026-20717)
Vulnerability from cvelistv5 – Published: 2026-05-12 16:34 – Updated: 2026-05-12 17:04- Denial of Service
- CWE-20 - Improper Input Validation
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) QAT software drivers for Windows |
Affected:
before version 1.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20717",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T17:02:29.098032Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T17:04:15.847Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) QAT software drivers for Windows",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (low) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T16:34:23.835Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01387.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2026-20717",
"datePublished": "2026-05-12T16:34:23.835Z",
"dateReserved": "2025-12-09T04:00:18.741Z",
"dateUpdated": "2026-05-12T17:04:15.847Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-32739 (GCVE-0-2025-32739)
Vulnerability from cvelistv5 – Published: 2026-02-10 16:25 – Updated: 2026-02-10 17:31- Denial of Service
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) Graphics Drivers and Intel LTS kernels |
Affected:
See references
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32739",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T17:31:46.920447Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T17:31:52.116Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Graphics Drivers and Intel LTS kernels",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper conditions check in some firmware for some Intel(R) Graphics Drivers and Intel LTS kernels within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (low) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 2,
"baseSeverity": "LOW",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en"
},
{
"cweId": "CWE-754",
"description": "Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T16:25:55.444Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01385.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01385.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-32739",
"datePublished": "2026-02-10T16:25:55.444Z",
"dateReserved": "2025-04-15T21:11:09.799Z",
"dateUpdated": "2026-02-10T17:31:52.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-32092 (GCVE-0-2025-32092)
Vulnerability from cvelistv5 – Published: 2026-02-10 16:25 – Updated: 2026-02-26 15:04- Escalation of Privilege
- CWE-277 - Insecure Inherited Permissions
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) Graphics Software |
Affected:
before version 25.30.1702.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32092",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-11T04:56:27.514033Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:04:09.346Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Graphics Software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 25.30.1702.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insecure inherited permissions for some Intel(R) Graphics Software before version 25.30.1702.0 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en"
},
{
"cweId": "CWE-277",
"description": "Insecure Inherited Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T16:25:46.732Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01385.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01385.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-32092",
"datePublished": "2026-02-10T16:25:46.732Z",
"dateReserved": "2025-04-15T21:18:44.523Z",
"dateUpdated": "2026-02-26T15:04:09.346Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}