CVE-2025-35998
Privilege Escalation via Missing Protection in Intel Quick Assist Kernel
Publication date: 2026-02-10
Last updated on: 2026-02-10
Assigner: Intel Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| intel | quick_assist_technology | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1299 | The lack of protections on alternate paths to access control-protected assets (such as unprotected shadow registers and other external facing unguarded interfaces) allows an attacker to bypass existing protections to the asset that are only performed against the primary path. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a missing protection mechanism for an alternate hardware interface in Intel Quick Assist Technology on some Intel platforms. It exists within Ring 0 (the kernel level), which means it affects the core of the operating system.
A system software adversary who already has privileged user access and some special internal knowledge can exploit this vulnerability with a low complexity attack to escalate their privileges further. This attack requires local access and no user interaction.
How can this vulnerability impact me? :
The vulnerability can lead to an escalation of privilege, allowing an attacker with some level of privileged access to gain higher privileges within the system.
It potentially impacts the confidentiality and integrity of the system at a high level, meaning sensitive information could be exposed or altered. However, it does not impact the availability of the system.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know