Severity
Medium
Analysis Summary
CVE-2025-27710 CVSS:6.5
Intel QAT Software Drivers could allow a local authenticated attacker to obtain sensitive information, caused by untrusted pointer dereference. By sending a specially-crafted request, an attacker could exploit this vulnerability, obtain sensitive information from files, and use this information to launch further attacks against the affected system.
CVE-2025-27249 CVSS:5.5
Intel Gaudi Software is vulnerable to a denial of service, caused by uncontrolled resource consumption. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2025-24491 CVSS:6.7
Intel Killer Performance Suite software could allow a local authenticated attacker to gain elevated privileges on the system, caused by uncontrolled search path. An authenticated attacker could exploit this vulnerability to enable escalation of privilege.
Impact
- Denial of Service
- Privilege Escalation
Indicators of Compromise
CVE
CVE-2025-27710
CVE-2025-27249
CVE-2025-24491
Affected Vendors
Affected Products
- Intel QAT Software Drivers
- Intel Gaudi Software
- Intel Killer Software
Remediation
Upgrade to the latest version of Intel, available from the Intel Website.