Which versions of Quickassist Technology are affected by CVE-2024-31858?

CVE-2024-31858 presents moderate security risk, a out-of-bounds write vulnerability rated CVSS 7.3.. A patch is available.

How to fix or mitigate CVE-2024-31858?

Within 7 days: Identify all affected systems and apply vendor patches promptly. If patching is delayed, consider network segmentation to limit exposure.

Quickassist Technology CVE-2024-31858

Q: What is the CVSS score of CVE-2024-31858?

CVE-2024-31858 has a CVSS 4.0 base score of 7.3 (High). CVSS vector: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.1%.

HIGH

Out-of-bounds Write (CWE-787)

2025-02-12 secure@intel.com

Privilege Escalation Buffer Overflow Memory Corruption Intel Quickassist Technology

7.3

CVSS 4.0

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 18:26 vuln.today

Patch released

Mar 28, 2026 - 18:26 nvd

Patch available

CVE Published

Feb 12, 2025 - 22:15 nvd

HIGH 7.3

DescriptionNVD

Out-of-bounds write for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

AnalysisAI

Out-of-bounds write for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. Out-of-bounds write for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Affected products include: Intel Quickassist Technology. Version information: version 2.2.0.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).