CVE-2025-33000
BaseFortify
Publication date: 2025-11-11
Last updated on: 2025-11-26
Assigner: Intel Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| intel | quickassist_technology | to 2.6.0-0018 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is due to improper input validation in Intel QuickAssist Technology versions before 2.6.0 within Ring 3 user applications. It allows an authenticated user with local access and low complexity attack methods to escalate their privileges without needing special internal knowledge or user interaction.
How can this vulnerability impact me? :
The vulnerability can lead to escalation of privilege, potentially impacting the confidentiality, integrity, and availability of the affected system at a high level. This means an attacker could gain higher access rights, compromising sensitive data, altering system operations, or disrupting system availability.