Intel
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any Intel product.
RSS Feeds for Intel security vulnerabilities
Create a CVE RSS feed including security vulnerabilities found in Intel products with stack.watch. Just hit watch, then grab your custom RSS feed url.
Products by Intel Sorted by Most Security Vulnerabilities since 2018
Known Exploited Intel Vulnerabilities
The following Intel vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.
| Title | Description | Added |
|---|---|---|
| Intel Ethernet Diagnostics Driver for Windows Denial-of-Service Vulnerability |
Intel ethernet diagnostics driver for Windows IQVW32.sys and IQVW64.sys contain an unspecified vulnerability that allows for a denial-of-service. CVE-2015-2291 Exploit Probability: 5.6% |
February 10, 2023 |
| Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageabilit |
Intel products contain a vulnerability which can allow attackers to perform privilege escalation. CVE-2017-5689 Exploit Probability: 94.3% |
January 28, 2022 |
The vulnerability CVE-2017-5689: Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageabilit is in the top 1% of the currently known exploitable vulnerabilities.
By the Year
In 2026 there have been 0 vulnerabilities in Intel. Last year, in 2025 Intel had 18 security vulnerabilities published. Right now, Intel is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 18 | 6.21 |
| 2024 | 167 | 6.96 |
| 2023 | 214 | 7.17 |
| 2022 | 121 | 6.98 |
| 2021 | 52 | 7.13 |
| 2020 | 114 | 6.92 |
| 2019 | 150 | 6.54 |
| 2018 | 72 | 6.65 |
It may take a day or so for new Intel vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Intel Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2025-33000 | Nov 11, 2025 |
Intel QAT Privilege Escalation (Vulnerable <2.6.0)Improper input validation for some Intel QuickAssist Technology before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. |
Quickassist Technology
|
| CVE-2025-31948 | Nov 11, 2025 |
Intel oneAPI Math Kernel Lib <2025.2: DoS via Improper Input (Ring 3)Improper input validation for some Intel(R) oneAPI Math Kernel Library before version 2025.2 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (low) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. |
Oneapi Math Kernel Library
|
| CVE-2025-30509 | Nov 11, 2025 |
Intel QAT Improper Validation (pre-2.6.0) PrivEscImproper input validation for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable data manipulation. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (low) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. |
Quickassist Technology
|
| CVE-2025-30182 | Nov 11, 2025 |
Intel Distribution for Python <2025.2.0: Uncontrolled Search Path PrivEscalationUncontrolled search path for some Intel(R) Distribution for Python software installers before version 2025.2.0 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. |
Distribution For Python
|
| CVE-2025-20056 | Nov 11, 2025 |
Intel VTune Profiler <2025.1 Escalation via Improper Input ValidationImproper input validation for some Intel VTune Profiler before version 2025.1 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable data manipulation. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (low) and availability (low) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. |
Vtune Profiler
|
| CVE-2025-46711 | Sep 22, 2025 |
Intel GPU Driver NULL Deref via Improper Syscalls (CVE-2025-46711)Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger NULL pointer dereference kernel exceptions. |
Graphics Driver
|
| CVE-2024-36342 | Sep 06, 2025 |
CVE-2024-36342: Intel GPU Driver Heap Overflow Arbitrary Code ExecutionImproper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution. |
Graphics Driver
|
| CVE-2025-20023 | Aug 12, 2025 |
Intel Graphics Driver Installer Elevation via Incorrect Default PermissionsIncorrect default permissions for some Intel(R) Graphics Driver software installers may allow an authenticated user to potentially enable escalation of privilege via local access. |
Graphics Driver
|
| CVE-2025-20090 | Aug 12, 2025 |
Intel QAT Driver: Untrusted Pointer Deref, DoS Before 2.5.0Untrusted Pointer Dereference for some Intel(R) QuickAssist Technology software before version 2.5.0 may allow an authenticated user to potentially enable denial of service via local access. |
Quickassist Technology
|
| CVE-2025-22840 | Aug 12, 2025 |
Intel Xeon Privilege Escalation via Instruction Sequencing (CVE-2025-22840)Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access |
Xeon
|
| CVE-2025-32086 | Aug 12, 2025 |
Intel Xeon 6 PRIVEsc via DDRIO config with SGX/TDX (CVE-2025-32086)Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. |
Xeon
|
| CVE-2024-48869 | May 13, 2025 |
Intel Xeon 6 Processor Privileged Escalation via TDX/SGX Interface RestrictionImproper restriction of software interfaces to hardware features for some Intel(R) Xeon(R) 6 processor with E-cores when using Intel(R) Trust Domain Extensions (Intel(R) TDX) or Intel(R) Software Guard Extensions (Intel(R) SGX) may allow a privileged user to potentially enable escalation of privilege via local access. |
Xeon
|
| CVE-2025-20071 | May 13, 2025 |
Intel Graphics Driver Local Null Pointer Deref Denial of ServiceNULL pointer dereference for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access. |
Graphics Driver
|
| CVE-2024-31153 | Feb 12, 2025 |
Intel QuickAssist Tech <2.2.0: Improper Input Validation Enabling Local DoSImproper input validation for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable denial of service via local access. |
Quickassist Technology
|
| CVE-2024-37355 | Feb 12, 2025 |
Intel Graphics Driver: Local Priv Esc via Improper Access ControlImproper access control in some Intel(R) Graphics software may allow an authenticated user to potentially enable escalation of privilege via local access. |
Graphics Driver
|
| CVE-2024-39284 | Feb 12, 2025 |
Intel Advisor <2024.2 Uncontrolled Search Path Evokes Priv EscalationUncontrolled search path for some Intel(R) Advisor software before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access. |
Advisor
|
| CVE-2024-41917 | Feb 12, 2025 |
Intel Battery Life Diagnostic Tool 2.4.0 TOCTOU Local Priv EscalationTime-of-check time-of-use race condition for some Intel(R) Battery Life Diagnostic Tool software before version 2.4.1 may allow an authenticated user to potentially enable escalation of privilege via local access. |
Battery Life Diagnostic Tool
|
| CVE-2024-42405 | Feb 12, 2025 |
Intel Quartus Prime Uncontrolled Search Path before 23.1.1 Patch 1.01stdUncontrolled search path for some Intel(R) Quartus(R) Prime Software before version 23.1.1 Patch 1.01std may allow an authenticated user to potentially enable escalation of privilege via local access. |
Quartus Prime
|
| CVE-2017-11076 | Nov 26, 2024 |
Intel GPU VP9 Decoder Mem Access via Frame Size FaultOn some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder. |
Graphics Driver
|
| CVE-2024-23918 | Nov 13, 2024 |
Intel Xeon SGX Local Priv Escalation via Memory Controller CheckImproper conditions check in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access. |
3rd Generation Intel Xeon Scalable Processor Family
4th Generation Intel Xeon Processor Scalable Family
5th Generation Intel Xeon Processor Scalable Family
And others... |
| CVE-2024-21820 | Nov 13, 2024 |
Intel Xeon SGX Memory Controller Escalation via Misconfigured PermissionsIncorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access. |
3rd Generation Intel Xeon Scalable Processor Family
4th Generation Intel Xeon Processor Scalable Family
5th Generation Intel Xeon Processor Scalable Family
And others... |
| CVE-2024-38383 | Nov 13, 2024 |
Intel(R) Quartus(R) Prime Pro Edition: Uncontrolled Search Path Privilege Escalation VulnerabilityUncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition software for Windows before version 24.2 may allow an authenticated user to potentially enable escalation of privilege via local access. |
Quartus Prime
|
| CVE-2024-36488 | Nov 13, 2024 |
Intel(R) DSA Improper Access Control Privilege Escalation VulnerabilityImproper Access Control in some Intel(R) DSA before version 24.3.26.8 may allow an authenticated user to potentially enable escalation of privilege via local access. |
Driver Support Assistant
|
| CVE-2024-36482 | Nov 13, 2024 |
Intel(R) CIP Software Privilege Escalation VulnerabilityImproper input validation in some Intel(R) CIP software before version 2.4.10852 may allow a privileged user to potentially enable escalation of privilege via local access. |
Computing Improvement Program
|
| CVE-2024-36294 | Nov 13, 2024 |
Intel(R) DSA Software Insecure Inherited Permissions Privilege Escalation VulnerabilityInsecure inherited permissions for some Intel(R) DSA software before version 24.3.26.8 may allow an authenticated user to potentially enable escalation of privilege via local access. |
Driver Support Assistant
|
| CVE-2024-36276 | Nov 13, 2024 |
Intel(R) CIP Software Insecure Inherited Permissions Privilege Escalation VulnerabilityInsecure inherited permissions for some Intel(R) CIP software before version 2.4.10852 may allow an authenticated user to potentially enable escalation of privilege via local access. |
Computing Improvement Program
|
| CVE-2024-38668 | Nov 13, 2024 |
Intel(R) Quartus(R) Prime Standard Edition: Uncontrolled Search Path Privilege Escalation VulnerabilUncontrolled search path for some Intel(R) Quartus(R) Prime Standard Edition software for Windows before version 23.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access. |
Quartus Prime
|
| CVE-2024-38665 | Nov 13, 2024 |
Intel Graphics Drivers: Out-of-Bounds Write Privilege Escalation VulnerabilityOut-of-bounds write in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access. |
Graphics Drivers
|
| CVE-2024-38660 | Nov 13, 2024 |
Intel(R) Xeon(R) Processor Family (E-Core) SPP Protection Mechanism Failure Privilege Escalation VulProtection mechanism failure in the SPP for some Intel(R) Xeon(R) processor family (E-Core) may allow an authenticated user to potentially enable escalation of privilege via local access. |
Xeon
|
| CVE-2024-36253 | Nov 13, 2024 |
Intel(R) SDP Tool for Windows: Uncontrolled Search Path Privilege Escalation VulnerabilityUncontrolled search path in the Intel(R) SDP Tool for Windows software all version may allow an authenticated user to potentially enable escalation of privilege via local access. |
Server Debug Provisioning Tool
|
| CVE-2024-35201 | Nov 13, 2024 |
Intel(R) SDP Tool for Windows: Privilege Escalation via Incorrect Default PermissionsIncorrect default permissions in the Intel(R) SDP Tool for Windows software all versions may allow an authenticated user to enable escalation of privilege via local access. |
Server Debug Provisioning Tool
|
| CVE-2024-39609 | Nov 13, 2024 |
Intel Server Board M70KLP UEFI Firmware Privilege Escalation VulnerabilityImproper Access Control in UEFI firmware for some Intel(R) Server Board M70KLP may allow a privileged user to potentially enable escalation of privilege via local access. |
Server Board M70klp2sb Firmware
|
| CVE-2024-38387 | Nov 13, 2024 |
Intel(R) Graphics Driver: Uncontrolled Search Path VulnerabilityUncontrolled search path in the Intel(R) Graphics Driver installers for versions 15.40 and 15.45 may allow an authenticated user to potentially enable escalation of privilege via local access. |
Graphics Driver
|
| CVE-2024-37027 | Nov 13, 2024 |
Intel(R) VTune(TM) Profiler: Improper Input Validation VulnerabilityImproper Input validation in some Intel(R) VTune(TM) Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable denial of service via local access. |
Vtune Profiler
|
| CVE-2024-29079 | Nov 13, 2024 |
Intel VROC Software Privilege Escalation VulnerabilityInsufficient control flow management in some Intel(R) VROC software before version 8.6.0.3001 may allow an authenticated user to potentially enable escalation of privilege via local access. |
Virtual Raid On Cpu
|
| CVE-2024-32485 | Nov 13, 2024 |
Intel VROC Software: Improper Input Validation Denial of Service VulnerabilityImproper Input Validation in some Intel(R) VROC software before version 8.6.0.2003 may allow an authenticated user to potentially enable denial of service via local access. |
Virtual Raid On Cpu
|
| CVE-2024-36245 | Nov 13, 2024 |
Intel VTune Profiler Uncontrolled Search Path Element Privilege Escalation VulnerabilityUncontrolled search path element in some Intel(R) VTune(TM) Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. |
Vtune Profiler
|
| CVE-2024-34776 | Nov 13, 2024 |
Intel SGX SDK: Out-of-Bounds Write Privilege Escalation VulnerabilityOut-of-bounds write in some Intel(R) SGX SDK software may allow an authenticated user to potentially enable escalation of privilege via local access. |
Sgx Sdk
|
| CVE-2024-34170 | Nov 13, 2024 |
Intel Graphics Drivers: Improper Buffer Restrictions Leading to Denial of ServiceImproper buffer restrictions in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access. |
Graphics Driver
|
| CVE-2024-34023 | Nov 13, 2024 |
Intel Graphics Drivers: Untrusted Pointer Dereference Privilege Escalation VulnerabilityUntrusted pointer dereference in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access. |
Graphics Drivers
|
| CVE-2024-32048 | Nov 13, 2024 |
Intel(R) Distribution of OpenVINO(TM) Model Server: Improper Input Validation VulnerabilityImproper input validation in the Intel(R) Distribution of OpenVINO(TM) Model Server software before version 2024.0 may allow an unauthenticated user to potentially enable denial of service via adjacent access. |
Openvino
|
| CVE-2024-29083 | Nov 13, 2024 |
Intel(R) Distribution for Python: Incorrect Default Permissions Leading to Privilege EscalationIncorrect default permissions in some Intel(R) Distribution for Python software before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access. |
Distribution For Python
|
| CVE-2024-28950 | Nov 13, 2024 |
Intel(R) oneAPI Math Kernel Library: Uncontrolled Search Path Privilege Escalation VulnerabilityUncontrolled search path for some Intel(R) oneAPI Math Kernel Library software for Windows before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access. |
Oneapi Math Kernel Library
|
| CVE-2024-25565 | Nov 13, 2024 |
Intel(R) Xeon(R) Processors UEFI Firmware Control Flow Management VulnerabilityInsufficient control flow management in UEFI firmware for some Intel(R) Xeon(R) Processors may allow an authenticated user to enable denial of service via local access. |
Xeon
|
| CVE-2024-41167 | Nov 13, 2024 |
Intel Server Board M10JNP2SB Family UEFI Firmware Privilege Escalation VulnerabilityImproper input validation in UEFI firmware in some Intel(R) Server Board M10JNP2SB Family may allow a privileged user to potentially enable escalation of privilege via local access. |
M10jnp2sb Firmware
|
| CVE-2024-34545 | Sep 16, 2024 |
Intel RAID Web Console Info Disclosure via Auth Input Validation FlawImproper input validation in some Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable information disclosure via adjacent access. |
Raid Web Console
|
| CVE-2024-36247 | Sep 16, 2024 |
Intel RAID Web Console: Improper ACL Enables Authenticated DoSImproper access control in Intel(R) RAID Web Console all versions may allow an authenticated user to potentially enable denial of service via adjacent access. |
Raid Web Console
|
| CVE-2024-34543 | Sep 16, 2024 |
Intel RAID Web Console Improper Access Control Enables Local Priv EscalationImproper access control in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable escalation of privilege via local access. |
Raid Web Console
|
| CVE-2024-36261 | Sep 16, 2024 |
Intel RAID Web Console Improper Access Control Enabling Authenticated DoSImproper access control in Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable denial of service via adjacent access. |
Raid Web Console
|
| CVE-2024-21871 | Sep 16, 2024 |
Improper Input Validation in Intel UEFI Firmware Enables Local EscalationImproper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. |
Xeon E3 1268l V5 Firmware
Celeron G3900te Firmware
Celeron G3900 Firmware
And others... |