Untrusted Pointer Dereference in Intel QAT Windows Software
CVE-2025-27710

6.8MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Qat Windows Software
Vendor: CVE Published:; 11 November 2025

What is CVE-2025-27710?

The vulnerability is characterized by an untrusted pointer dereference in Intel QAT Windows software prior to version 2.6.0. This flaw may allow for information disclosure to occur when an attacker with authenticated user privileges exploits the issue through local access. The attack does not require special internal knowledge, making it particularly insidious as lower complexity is involved. As a result, sensitive data may be exposed without any interaction from the user, undermining system confidentiality.

Affected Version(s)

Intel(R) QAT Windows software before version 2.6.0.

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Nov 11, 2025
Vulnerability Reserved
Apr 15, 2025

JSON