Skip to main content

Quickassist Technology CVE-2023-32641

HIGH
Improper Input Validation (CWE-20)
2023-11-14 secure@intel.com
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Nov 14, 2023 - 19:15 nvd
HIGH 8.8

DescriptionNVD

Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may allow escalation of privilege and denial of service via adjacent access.

AnalysisAI

Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may allow escalation of privilege and denial of service via adjacent access. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-20. Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may allow escalation of privilege and denial of service via adjacent access. Affected products include: Intel Quickassist Technology.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2023-28741 HIGH
7.8 Nov 14

Buffer overflow in some Intel(R) QAT drivers for Windows - HW Version 1.0 before version 1.10 may allow an authenticated

CVE-2023-28740 HIGH
7.8 Nov 14

Uncontrolled search path element in some Intel(R) QAT drivers for Windows - HW Version 2.0 before version 2.0.4 may allo

CVE-2020-12333 HIGH
7.8 Nov 12

Insufficiently protected credentials in the Intel(R) QAT for Linux before version 1.7.l.4.10.0 may allow an authenticate

CVE-2024-31858 HIGH
7.3 Feb 12

Out-of-bounds write for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated us

CVE-2018-12193 MEDIUM
5.5 Oct 10

Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an u

CVE-2024-29223 MEDIUM
5.4 Feb 12

Uncontrolled search path for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticat

CVE-2024-31153 MEDIUM
5.1 Feb 12

Improper input validation for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authentica

CVE-2025-33000 HIGH
7.3 Nov 11

Improper input validation for some Intel QuickAssist Technology before version 2.6.0 within Ring 3: User Applications ma

CVE-2025-32732 MEDIUM
5.8 Nov 11

Buffer overflow for some Intel(R) QAT Windows software before version 2.6.0. Rated medium severity (CVSS 5.8), this vuln

CVE-2025-32446 MEDIUM
6.8 Nov 11

Untrusted pointer dereference for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Ap

CVE-2025-32088 MEDIUM
4.8 Nov 11

Improper conditions check for some Intel(R) QAT Windows software before version 2.6.0. Rated medium severity (CVSS 4.8),

CVE-2025-31937 MEDIUM
5.7 Nov 11

Out-of-bounds read for some Intel(R) QAT Windows software before version 2.6.0. Rated medium severity (CVSS 5.7). No ven

Share

CVE-2023-32641 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy