Null Pointer Dereference in Intel QAT Software Drivers for Windows
CVE-2026-20771

6.9MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Qat Software Drivers For Windows
Vendor: CVE Published:; 12 May 2026

What is CVE-2026-20771?

A vulnerability exists in the Intel QAT software drivers for Windows prior to version 1.13, where a null pointer dereference can occur. This may allow an attacker with authenticated local access to exploit the issue leading to a denial of service condition. The attack complexity is relatively low, requiring no special internal knowledge, thus posing a risk to system availability. While the vulnerability does not impact confidentiality or integrity, it significantly threatens the availability of the affected systems, making it vital for users to upgrade to version 1.13 or later to mitigate the risks associated with this flaw.

Affected Version(s)

Intel(R) QAT software drivers for Windows before version 1.13

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2026
Vulnerability Reserved
Dec 4, 2025

CVE-2026-20771 Data

JSON