Skip to main content

Quickassist Technology CVE-2020-12333

HIGH
Insufficiently Protected Credentials (CWE-522)
2020-11-12 secure@intel.com
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Nov 12, 2020 - 19:15 nvd
HIGH 7.8

DescriptionNVD

Insufficiently protected credentials in the Intel(R) QAT for Linux before version 1.7.l.4.10.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

AnalysisAI

Insufficiently protected credentials in the Intel(R) QAT for Linux before version 1.7.l.4.10.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Insufficiently Protected Credentials (CWE-522), which allows attackers to obtain user credentials due to weak protection mechanisms. Insufficiently protected credentials in the Intel(R) QAT for Linux before version 1.7.l.4.10.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Affected products include: Intel Quickassist Technology. Version information: version 1.7..

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Hash passwords with strong algorithms (bcrypt, argon2), encrypt credentials in transit and at rest, never log credentials.

CVE-2023-32641 HIGH
8.8 Nov 14

Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may allow escalation of privi

CVE-2023-28741 HIGH
7.8 Nov 14

Buffer overflow in some Intel(R) QAT drivers for Windows - HW Version 1.0 before version 1.10 may allow an authenticated

CVE-2023-28740 HIGH
7.8 Nov 14

Uncontrolled search path element in some Intel(R) QAT drivers for Windows - HW Version 2.0 before version 2.0.4 may allo

CVE-2024-31858 HIGH
7.3 Feb 12

Out-of-bounds write for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated us

CVE-2018-12193 MEDIUM
5.5 Oct 10

Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an u

CVE-2024-29223 MEDIUM
5.4 Feb 12

Uncontrolled search path for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticat

CVE-2024-31153 MEDIUM
5.1 Feb 12

Improper input validation for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authentica

CVE-2025-33000 HIGH
7.3 Nov 11

Improper input validation for some Intel QuickAssist Technology before version 2.6.0 within Ring 3: User Applications ma

CVE-2025-32732 MEDIUM
5.8 Nov 11

Buffer overflow for some Intel(R) QAT Windows software before version 2.6.0. Rated medium severity (CVSS 5.8), this vuln

CVE-2025-32446 MEDIUM
6.8 Nov 11

Untrusted pointer dereference for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Ap

CVE-2025-32088 MEDIUM
4.8 Nov 11

Improper conditions check for some Intel(R) QAT Windows software before version 2.6.0. Rated medium severity (CVSS 4.8),

CVE-2025-31937 MEDIUM
5.7 Nov 11

Out-of-bounds read for some Intel(R) QAT Windows software before version 2.6.0. Rated medium severity (CVSS 5.7). No ven

Share

CVE-2020-12333 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy