Description
Null pointer dereference for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
Published: 2026-05-12
Score: 6.9 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A null pointer dereference (CWE-476) in the Intel(R) QAT software drivers for Windows, within Ring 3 (user applications), allows an attacker with local, authenticated access and no special internal knowledge to trigger a denial of service. Per the CVSS vector, the impact on the vulnerable system is low for confidentiality, none for integrity and high for availability.

Affected Systems

Some Intel(R) QAT software drivers for Windows before version 1.13. The flaw is scoped to Ring 3 (user applications) that use the driver software.

Risk and Exploitability

The CVSS score of 6.9 indicates Medium severity. No EPSS score is published. Exploitation requires only local, authenticated access, is low complexity, and needs no user interaction, so it is plausible on any system where an unprivileged user can reach the affected software. The CVE is not listed in the CISA KEV catalog.

Generated by OpenCVE AI on May 12, 2026 at 17:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Intel QAT software drivers to version 1.13 or later, which contains the fix for the null pointer dereference.
  • If an update is not immediately available, remove or disable the QAT driver or disable hardware acceleration features that rely on the driver to prevent the denial of service.
  • Enforce strict local user access controls and monitor for abnormal termination of QAT‑dependent applications to detect potential exploitation.

Advisories

No advisories yet.

History

Tue, 12 May 2026 18:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 12 May 2026 17:45:00 +0000

Type | Values Removed | Values Added
Title | | Denial of Service via Null Pointer Dereference in Intel QAT Windows Drivers

Tue, 12 May 2026 16:45:00 +0000

Type | Values Removed | Values Added
Description | | Null pointer dereference for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
Weaknesses | | CWE-476
References | |
Metrics | | cvssV4_0: {'score': 6.9, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: intel

Published:

Updated: 2026-05-12T17:18:23.761Z

Reserved: 2025-12-04T04:00:32.831Z

Link: CVE-2026-20771

Vulnrichment

Updated: 2026-05-12T17:18:18.742Z

NVD

Status: Received

Published: 2026-05-12T17:16:18.060

Modified: 2026-05-12T17:16:18.060

Link: CVE-2026-20771

OpenCVE Enrichment

Updated: 2026-05-12T17:30:21Z
