Skip to main content

Intel CVE-2026-20709

| EUVDEUVD-2026-20538 MEDIUM
Use of Default Cryptographic Key (CWE-1394)
2026-04-08 intel GHSA-vfxw-prhr-fvhh
5.8
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
5.8 MEDIUM
CVSS:4.0/AV:P/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Red Hat
6.6 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:4.0/AV:P/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Physical
Attack Complexity
High
Privileges Required
High
User Interaction
None
Scope
X

Lifecycle Timeline

3
EUVD ID Assigned
Apr 08, 2026 - 19:31 euvd
EUVD-2026-20538
Analysis Generated
Apr 08, 2026 - 19:31 vuln.today
CVE Published
Apr 08, 2026 - 18:20 nvd
MEDIUM 5.8

DescriptionCVE.org

Use of Default Cryptographic Key in the hardware for some Intel(R) Pentium(R) Processor Silver Series, Intel(R) Celeron(R) Processor J Series, Intel(R) Celeron(R) Processor N Series may allow an escalation of privilege. Hardware reverse engineer adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via physical access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (high) and availability (none) impacts.

AnalysisAI

Use of a default cryptographic key in Intel Pentium Processor Silver Series, Celeron Processor J Series, and Celeron Processor N Series hardware allows privilege escalation when a hardware reverse engineer with privileged user access performs a high-complexity physical attack with special internal knowledge. The vulnerability has a CVSS score of 5.8 with physical attack vector (AV:P) and high attack complexity (AC:H), requiring privileged access (PR:H) and special attack time requirements (AT:P). No public exploit code or active CISA KEV designation has been identified.

Technical ContextAI

This vulnerability stems from the use of default or hardcoded cryptographic keys embedded in the hardware design of Intel's low-end processor lines (Pentium Silver, Celeron J/N series), classified under CWE-1394 (Use of Default Cryptographic Key). The root cause involves insufficient key management during hardware manufacturing or design, allowing an adversary with physical access and specialized reverse-engineering capabilities to extract and leverage the default key material. This affects the confidentiality of the hardware security module or trusted execution environment, potentially exposing encryption keys or secure boot mechanisms. The attack requires not only physical possession and disassembly of the processor but also deep knowledge of the hardware architecture, making this a highly specialized threat requiring significant adversary capabilities.

RemediationAI

Remediation for this vulnerability requires a hardware-level fix, as the default cryptographic key is embedded in the processor silicon itself. Intel customers should consult the official security advisory (Intel Security Advisory SA-00609 at https://intel.com/content/www/us/en/security-center/advisory/intel-sa-00609.html) for specific guidance on affected processor steppings and availability of microcode updates or replacement hardware. Organizations concerned about the exploitation of this vulnerability should implement compensating controls including: restricting physical access to systems containing affected processors, implementing secure boot and firmware integrity checks to detect unauthorized key extraction, and deploying detection mechanisms for anomalous cryptographic operations that might indicate key compromise. For systems where this threat model is applicable, consultation with Intel field security engineers and hardware procurement teams is recommended to identify replacement or mitigated processor versions.

More in Intel

View all
CVE-2017-5689 CRITICAL POC
9.8 May 02

An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Mana

CVE-2012-5958 CRITICAL POC
10.0 Jan 31

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable

CVE-2012-0217 HIGH POC
7.2 Jun 12

The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and

CVE-2012-5959 CRITICAL POC
10.0 Jan 31

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable

CVE-2012-5964 CRITICAL POC
10.0 Jan 31

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable

CVE-2012-5963 CRITICAL POC
10.0 Jan 31

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable

CVE-2012-5961 CRITICAL POC
10.0 Jan 31

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable

CVE-2012-5965 CRITICAL POC
10.0 Jan 31

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable

CVE-2012-5962 CRITICAL POC
10.0 Jan 31

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable

CVE-2012-5960 CRITICAL POC
10.0 Jan 31

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable

CVE-2015-2291 HIGH POC
7.8 Aug 09

Local privilege escalation to SYSTEM in Intel Ethernet diagnostics driver (IQVW32.sys/IQVW64.sys versions before 1.3.1.0

CVE-2024-44308 HIGH
8.8 Nov 20

Arbitrary code execution in Apple Safari, iOS/iPadOS, macOS Sequoia, and visionOS occurs when processing maliciously cra

Vendor StatusVendor

Share

CVE-2026-20709 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy