CVE-2025-27710 – This vulnerability in Intel QAT Windows softwar... (How to Fix)

Q: What is the severity of CVE-2025-27710?

CVE-2025-27710 has a CVSS score of 6.5 (MEDIUM). This vulnerability in Intel QAT Windows software allows authenticated local users to potentially read sensitive information from memory. It affects systems running vulnerable versions of Intel QAT software on Windows, requiring local access but no special privileges.

📋 TL;DR

This vulnerability in Intel QAT Windows software allows authenticated local users to potentially read sensitive information from memory. It affects systems running vulnerable versions of Intel QAT software on Windows, requiring local access but no special privileges.

💻 Affected Systems

Products:

Intel Quick Assist Technology (QAT) Windows software

Versions: All versions before 2.6.0

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems with Intel QAT software installed. Requires authenticated user access.

📦 What is this software?

Quickassist Technology by Intel

View all CVEs affecting Quickassist Technology →

⚠️ Risk & Real-World Impact

🔴

Worst Case

An authenticated attacker could read sensitive data from kernel memory, potentially exposing encryption keys, passwords, or other confidential information.

🟠

Likely Case

Local authenticated users could read portions of memory they shouldn't have access to, potentially exposing application data or system information.

🟢

If Mitigated

With proper access controls and patching, the risk is limited to authorized users who would already have some level of system access.

🌐 Internet-Facing: LOW - Requires local access and authenticated user context.

🏢 Internal Only: MEDIUM - Internal users with authenticated access could potentially exploit this for information disclosure.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Requires authenticated local access. Attack complexity is described as low in the CVE description.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.6.0 or later

Vendor Advisory: https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01373.html

Restart Required: Yes

Instructions:

1. Download Intel QAT software version 2.6.0 or later from Intel's website
2. Stop any applications using QAT
3. Install the updated software
4. Restart the system

🔧 Temporary Workarounds

Restrict local access

windows

Limit local user access to systems running vulnerable QAT software

🧯 If You Can't Patch

Implement strict access controls to limit which users can log into affected systems
Monitor for unusual memory access patterns or information disclosure attempts

🔍 How to Verify

Check if Vulnerable:

Check Intel QAT software version in Windows Programs and Features or via command line: wmic product where "name like '%Intel%QAT%'" get version

Check Version:

wmic product where "name like '%Intel%QAT%'" get version

Verify Fix Applied:

Verify installed version is 2.6.0 or higher using the same command

📡 Detection & Monitoring

Log Indicators:

Unusual memory access patterns
Failed attempts to access protected memory regions

Network Indicators:

None - this is a local vulnerability

SIEM Query:

Windows Event ID 4656 (Handle to an object was requested) with QAT-related processes

📊 Metadata

CVE ID: CVE-2025-27710

CVSS v3 Score: 6.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CWE: CWE-822

EPSS Score: 0.02% exploit probability (4.2th percentile)

Published: November 11, 2025

Last Updated: November 26, 2025

🔗 References

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01373.html Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-27710, you might also want to check these: