CVE-2025-35990

Improper input validation for some Intel Endpoint Management Assistant EMA software before version 1.14.5 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable escalation...

CVE-2025-36515

Uncontrolled search path for some AI Playground software before version 3.0.0 alpha within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This...

CVE-2026-20738

Untrusted pointer dereference for some IntelR QuickAssist Adapter 8960 software before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of...

Intel Connectivity Performance Suite 代码问题漏洞

Intel Connectivity Performance Suite is a software developed by Intel Corporation in the United States. It can automatically optimize a computer’s network connections, enhancing Wi-Fi performance and application response times. Versions of Intel Connectivity Performance Suite prior to...

Intel QAT software drivers for Windows 输入验证错误漏洞

Intel QAT software drivers for Windows are a set of encryption and compression hardware acceleration drivers for the Windows platform developed by Intel Corporation. The version 2.6 of Intel QAT software drivers for Windows contained a vulnerability related to input validation errors. This...

CVE-2025-31655

Incorrect default permissions for some IntelR Battery Life Diagnostic Tool within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may...

CVE-2025-25210

CVE-2025-25210 involves improper input validation in Intel’s Server Firmware Update Utility (SysFwUpdt) prior to version 16.0.12. The vulnerability affects Ring 3 (User Applications); a local attacker with high privileges and low attack complexity may escalate privileges without user interaction,...

CVE-2025-32446

Untrusted pointer dereference for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable data manipulation. This...

CVE-2025-24314

Improper access control for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may...

EUVD-2025-93512

Unrestricted upload of file with dangerous type for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable data...

EUVD-2025-93532

Use of unmaintained third party components for some IntelR Processor Identification Utility before version 8.0.43 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable escalation...

CVE-2025-24862

Unrestricted upload of file with dangerous type for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable data...

CVE-2025-24314

Improper access control for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may...

CVE-2025-35972

Uncontrolled search path for the Intel MPI Library before version 2021.16 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may...

CVE-2025-31940

Incorrect default permissions for some IntelR Thread Director Visualizer software before version 1.1.1 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of...

CVE-2025-31931

Uncontrolled search path for the Instrumentation and Tracing Technology API ITT API software before version 3.25.4 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable...

CVE-2025-31647

Uncontrolled search path for some IntelR Graphics Software before version 25.22.1502.2 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This...

CVE-2025-27249

CVE-2025-27249 affects Intel Gaudi software prior to version 1.21.0. A resource-management error can allow an authenticated, locally present user with a low-complexity attack to trigger a denial of service, impacting availability (high) with no confidentiality or integrity impact. Remediation: up...

CVE-2025-24848

Protection mechanism failure for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This...

CVE-2025-24314

Intel CIP software prior to WIN_DCA_2.4.0.11001 has an improper access control in Ring 3 User Applications that may allow information disclosure. An unprivileged attacker with a privileged user and high-complexity conditions could exploit this via network access with no user interaction, potentia...