CVE-2025-32091

8.2 HIGH

📋 TL;DR

Incorrect default permissions in firmware for Intel Arc B-series GPUs allow local attackers with existing privileged access to escalate privileges via device drivers. This affects systems using these specific GPUs, enabling complete system compromise through local access without user interaction.

💻 Affected Systems

Products:
  • Intel Arc B-series GPUs
Versions: Specific firmware versions not specified in advisory
Operating Systems: Windows, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Requires local access and existing privileged user account; affects systems with vulnerable GPU firmware installed.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system takeover with administrative privileges, allowing data theft, system modification, persistence installation, and disabling of security controls.

🟠 Likely Case

Privileged attackers gaining kernel-level access to bypass security boundaries, install malware, or access protected system resources.

🟢 If Mitigated

Limited impact if proper access controls, least privilege principles, and network segmentation are implemented to restrict local attacker movement.

🌐 Internet-Facing: LOW
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Requires local access and an existing privileged user; the Intel advisory describes it as a low-complexity attack.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Intel GPU driver updates and firmware updates

Vendor Advisory: https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01356.html

Restart Required: Yes

Instructions:

  1. Visit Intel's security advisory page.
  2. Download the latest GPU drivers and firmware updates.
  3. Install the updates following Intel's instructions.
  4. Reboot the system to apply the changes.

🔧 Temporary Workarounds

  • Restrict local access (all platforms): Limit physical and remote local access to systems with vulnerable GPUs
  • Implement least privilege (all platforms): Reduce the number of users with local administrative privileges

🧯 If You Can't Patch

  • Isolate affected systems in separate network segments
  • Implement strict access controls and monitoring for systems with vulnerable GPUs

🔍 How to Verify

Check if Vulnerable:

Check the GPU model in Device Manager (Windows) or with lspci (Linux) for Intel Arc B-series, then check the firmware and driver versions against the Intel advisory.

Check Version:

Windows: dxdiag or Device Manager; Linux: lspci -v | grep -i intel

Verify Fix Applied:

Verify that the GPU driver and firmware versions match or exceed the patched versions specified in the Intel advisory.

📡 Detection & Monitoring

Log Indicators:

  • Unusual GPU driver activity
  • Privilege escalation attempts
  • Unexpected firmware modifications

Network Indicators:

  • None - local vulnerability only

SIEM Query:

Search for: (EventID: 4688 OR Process Creation) AND (ProcessName contains 'GPU' OR 'driver') AND (CommandLine contains unusual parameters)
