CVE-2025-27710

CWE-8223 documents3 sources
Severity
6.8MEDIUM
EPSS
0.0%
top 97.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Quickassist Technology
Timeline
PublishedNov 11

Description

Untrusted pointer dereference for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an information disclosure. System software adversary with an authenticated user combined with a low complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (h

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5intel(r)_qat_windows_softwarebefore version 2.6.0.

🔴Vulnerability Details

2
CVEList
CVE-2025-27710: Untrusted pointer dereference for some Intel(R) QAT Windows software before version 22025-11-11
GHSA
GHSA-rqcq-gw3j-58vh: Untrusted pointer dereference for some Intel(R) QAT Windows software before version 22025-11-11
CVE-2025-27710 (MEDIUM CVSS 6.8) | Untrusted pointer dereference for s | cvebase.io