Intel QuickAssist Technology Privilege Escalation Vulnerability

A vulnerability allowing untrusted pointer dereference has been identified in some Intel QuickAssist Technology (QAT) software for Windows, prior to version 2.6.0. This vulnerability resides within Ring 3: User Applications, and may facilitate unauthorized privilege escalation. An authenticated system software adversary could exploit this vulnerability to manipulate data, potentially through local access. The attack requires no user interaction but does necessitate specific internal knowledge. While the vulnerability itself could lead to high integrity impact, it may also allow a system-level escalation of privilege, with similar integrity consequences.

Impact

Exploitation of this vulnerability could result in unauthorized privilege escalation, allowing an authenticated user to gain elevated rights and potentially manipulate system data or functions.

Remediation

Users are advised to update Intel QuickAssist Technology Windows software to version 2.6.0 or later. The update is available for download from the Intel Download Center.