Escalation of Privilege in Intel NPU Driver Software for User Applications
CVE-2026-20718

5.4MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Npu Driver Software Installers
Vendor: CVE Published:; 12 May 2026

What is CVE-2026-20718?

The Intel NPU Driver software contains a vulnerability due to incorrect default permissions in versions before 32.0.100.4511, which may potentially allow an unprivileged adversary with authenticated user access to escalate privileges. This escalation can arise from local access, combined with complex attack techniques, possibly requiring active user interaction. The vulnerability poses a risk to the confidentiality, integrity, and availability of the affected systems, which necessitates immediate attention.

Affected Version(s)

Intel(R) NPU Driver software installers before version 32.0.100.4511

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

5.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2026
Vulnerability Reserved
Dec 3, 2025

CVE-2026-20718 Data

JSON