CVE-2025-26402
📋 TL;DR
This vulnerability in Intel NPU drivers allows unprivileged user applications to cause a denial of service via local access. It affects systems with vulnerable Intel NPU drivers where an authenticated user can execute low-complexity attacks without special knowledge or user interaction.
💻 Affected Systems
- Intel NPU Drivers
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete system unavailability requiring reboot, disrupting critical services and operations.
Likely Case
Local denial of service affecting NPU functionality and dependent applications.
If Mitigated
Minimal impact with proper access controls and monitoring in place.
🎯 Exploit Status
Requires authenticated user access and local execution.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check Intel SA-01304 for specific patched versions
Vendor Advisory: https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01304.html
Restart Required: Yes
Instructions:
1. Visit Intel Security Advisory SA-01304. 2. Identify affected driver versions. 3. Download and install updated NPU drivers from Intel. 4. Reboot system.
🔧 Temporary Workarounds
Restrict User Privileges
allLimit local user privileges to reduce attack surface
Monitor NPU Driver Processes
allImplement monitoring for unusual NPU driver activity
🧯 If You Can't Patch
- Implement strict access controls and least privilege principles
- Monitor systems for denial of service indicators and NPU driver crashes
🔍 How to Verify
Check if Vulnerable:
Check Intel NPU driver version against advisory SA-01304Check Version:
Windows: Check Device Manager > System devices > Intel NPU. Linux: Check driver version via system logs or vendor tools.Verify Fix Applied:
Verify NPU driver version matches patched version from Intel advisory📡 Detection & Monitoring
Log Indicators:
- NPU driver crashes
- System event logs showing driver failures
- Application errors related to NPU functionality
Network Indicators:
- None - local vulnerability only
SIEM Query:
EventID for driver crashes OR process termination events for NPU-related executables