Intel Quickassist Technology vulnerabilities

28 known vulnerabilities affecting intel/quickassist_technology.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

HIGH12MEDIUM16

Vulnerabilities

Page 1 of 2

CVE-2025-27713HIGHCVSS 7.3fixed in 2.6.0-00182025-11-11

CVE-2025-27713 [HIGH] CWE-787 CVE-2025-27713: Out-of-bounds write for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Out-of-bounds write for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requiremen

nvd

CVE-2025-33000HIGHCVSS 7.3fixed in 2.6.0-00182025-11-11

CVE-2025-33000 [HIGH] CWE-20 CVE-2025-33000: Improper input validation for some Intel QuickAssist Technology before version 2.6.0 within Ring 3: Improper input validation for some Intel QuickAssist Technology before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requireme

nvd

CVE-2025-32088MEDIUMCVSS 4.8fixed in 2.6.0-00182025-11-11

CVE-2025-32088 [MEDIUM] CWE-754 CVE-2025-32088: Improper conditions check for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3 Improper conditions check for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are

nvd

CVE-2025-31937MEDIUMCVSS 5.7fixed in 2.6.0-00182025-11-11

CVE-2025-31937 [MEDIUM] CWE-125 CVE-2025-31937: Out-of-bounds read for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Out-of-bounds read for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a high complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not pr

nvd

CVE-2025-27710MEDIUMCVSS 6.8fixed in 2.6.0-00182025-11-11

CVE-2025-27710 [MEDIUM] CWE-822 CVE-2025-27710: Untrusted pointer dereference for some Intel(R) QAT Windows software before version 2.6.0. within Ri Untrusted pointer dereference for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an information disclosure. System software adversary with an authenticated user combined with a low complexity attack may enable data exposure. This result may potentially occur via local access when attack requiremen

nvd

CVE-2025-30509MEDIUMCVSS 4.8fixed in 2.6.0-00182025-11-11

CVE-2025-30509 [MEDIUM] CWE-20 CVE-2025-30509: Improper input validation for some Intel QuickAssist Technology software before version 2.6.0 within Improper input validation for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable data manipulation. This result may potentially occur via local access when attack req

nvd

CVE-2025-32732MEDIUMCVSS 5.8fixed in 2.6.0-00182025-11-11

CVE-2025-32732 [MEDIUM] CWE-120 CVE-2025-32732: Buffer overflow for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User App Buffer overflow for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are present w

nvd

CVE-2025-32446MEDIUMCVSS 6.8fixed in 2.6.0-00182025-11-11

CVE-2025-32446 [MEDIUM] CWE-822 CVE-2025-32446: Untrusted pointer dereference for some Intel QuickAssist Technology software before version 2.6.0 wi Untrusted pointer dereference for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable data manipulation. This result may potentially occur via local access when attac

nvd

CVE-2025-24519MEDIUMCVSS 6.8fixed in 2.6.0-00182025-11-11

CVE-2025-24519 [MEDIUM] CWE-120 CVE-2025-24519: Buffer overflow for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User App Buffer overflow for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable data manipulation. This result may potentially occur via local access when attack requirements are no

nvd

CVE-2025-26694MEDIUMCVSS 6.8fixed in 2.6.0-00182025-11-11

CVE-2025-26694 [MEDIUM] CWE-476 CVE-2025-26694: Null pointer dereference for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: Null pointer dereference for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are

nvd

CVE-2025-20090MEDIUMCVSS 6.8fixed in 2.5.0-00072025-08-12

CVE-2025-20090 [MEDIUM] CWE-822 CVE-2025-20090: Untrusted Pointer Dereference for some Intel(R) QuickAssist Technology software before version 2.5.0 Untrusted Pointer Dereference for some Intel(R) QuickAssist Technology software before version 2.5.0 may allow an authenticated user to potentially enable denial of service via local access.

nvd

CVE-2024-31858HIGHCVSS 7.3fixed in 2.2.0-00122025-02-12

CVE-2024-31858 [HIGH] CWE-787 CVE-2024-31858: Out-of-bounds write for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow Out-of-bounds write for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

nvd

CVE-2024-31153MEDIUMCVSS 5.1fixed in 2.2.0-00122025-02-12

CVE-2024-31153 [MEDIUM] CWE-20 CVE-2024-31153: Improper input validation for some Intel(R) QuickAssist Technology software before version 2.2.0 may Improper input validation for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable denial of service via local access.

nvd

CVE-2024-29223MEDIUMCVSS 5.4fixed in 2.2.0-00122025-02-12

CVE-2024-29223 [MEDIUM] CWE-427 CVE-2024-29223: Uncontrolled search path for some Intel(R) QuickAssist Technology software before version 2.2.0 may Uncontrolled search path for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

nvd

CVE-2023-28740HIGHCVSS 7.8≥ 1.0, < 1.10≥ 2.0, < 2.042023-11-14

CVE-2023-28740 [MEDIUM] CWE-427 CVE-2023-28740: Uncontrolled search path element in some Intel(R) QAT drivers for Windows - HW Version 2.0 before ve Uncontrolled search path element in some Intel(R) QAT drivers for Windows - HW Version 2.0 before version 2.0.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

nvd

CVE-2023-32641HIGHCVSS 8.8fixed in 1.0.40-000042023-11-14

CVE-2023-32641 [HIGH] CWE-20 CVE-2023-32641: Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may allow Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may allow escalation of privilege and denial of service via adjacent access.

nvd

CVE-2023-28741HIGHCVSS 7.8≥ 1.0, < 1.10≥ 2.0, < 2.042023-11-14

CVE-2023-28741 [HIGH] CWE-120 CVE-2023-28741: Buffer overflow in some Intel(R) QAT drivers for Windows - HW Version 1.0 before version 1.10 may al Buffer overflow in some Intel(R) QAT drivers for Windows - HW Version 1.0 before version 1.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

nvd

CVE-2022-40972HIGHCVSS 7.8fixed in 1.9.02023-05-10

CVE-2022-40972 [MEDIUM] CWE-284 CVE-2022-40972: Improper access control in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an a Improper access control in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

nvd

CVE-2022-41699HIGHCVSS 7.8fixed in 1.9.02023-05-10

CVE-2022-41699 [HIGH] CWE-732 CVE-2022-41699: Incorrect permission assignment for critical resource in some Intel(R) QAT drivers for Windows befor Incorrect permission assignment for critical resource in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

nvd

CVE-2022-21804HIGHCVSS 7.8fixed in 1.9.0.-00082023-05-10

CVE-2022-21804 [HIGH] CWE-787 CVE-2022-21804: Out-of-bounds write in software for the Intel QAT Driver for Windows before version 1.9.0-0008 may a Out-of-bounds write in software for the Intel QAT Driver for Windows before version 1.9.0-0008 may allow an authenticated user to potentially enable escalation of privilege via local access.

nvd

1 / 2Next →