{ "dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": { "cveId": "CVE-2025-35998", "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "state": "PUBLISHED", "assignerShortName": "intel", "dateReserved": "2025-04-15T21:18:44.490Z", "datePublished": "2026-02-10T16:26:00.829Z", "dateUpdated": "2026-06-30T12:07:20.935Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel", "dateUpdated": "2026-02-10T16:26:00.829Z" }, "problemTypes": [ { "descriptions": [ { "lang": "en", "description": "Escalation of Privilege" }, { "lang": "en", "description": "Missing Protection Mechanism for Alternate Hardware Interface", "cweId": "CWE-1299", "type": "CWE" } ] } ], "affected": [ { "vendor": "n/a", "product": "Intel(R) Platforms", "versions": [ { "version": "See references", "status": "affected" } ], "defaultStatus": "unaffected" } ], "descriptions": [ { "lang": "en", "value": "Missing protection mechanism for alternate hardware interface in the Intel(R) Quick Assist Technology for some Intel(R) Platforms within Ring 0: Kernel may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts." } ], "references": [ { "name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01406.html", "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01406.html" } ], "metrics": [ { "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ], "cvssV3_1": { "version": "3.1", "baseScore": 7.9, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE" }, "cvssV4_0": { "version": "4.0", "baseScore": 7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "HIGH", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE" } } ] }, "adp": [ { "metrics": [ { "other": { "type": "ssvc", "content": { "id": "CVE-2025-35998", "role": "CISA Coordinator", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "version": "2.0.3", "timestamp": "2026-02-11T04:56:22.628123Z" } } } ], "title": "CISA ADP Vulnrichment", "providerMetadata": { "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T15:04:08.464Z" } }, { "affected": [ { "cpes": [ "cpe:/o:redhat:enterprise_linux_eus:10.0" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux BaseOS EUS (v. 10.0)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux:10" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux 10", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unaffected", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unaffected", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux:8" ], "defaultStatus": "unaffected", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat" } ], "datePublic": "2026-02-10T16:26:00.829Z", "descriptions": [ { "lang": "en", "value": "Missing protection mechanism for alternate hardware interface in the IntelĀ® Quick Assist Technology for some IntelĀ® Platforms within Ring 0: Kernel may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Important" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.9, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1220", "description": "Insufficient Granularity of Access Control", "lang": "en", "type": "CWE" } ] } ], "references": [ { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2025-35998" }, { "name": "RHBZ#2438523", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438523" }, { "tags": [ "x_sadp-csaf-vex" ], "url": "https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-35998.json" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:6888" } ], "solutions": [ { "lang": "en", "value": "RHSA-2026:6888: Red Hat Enterprise Linux BaseOS EUS (v. 10.0)" } ], "timeline": [ { "lang": "en", "time": "2026-02-10T17:02:49.270Z", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2026-02-10T16:26:00.829Z", "value": "Made public." } ], "title": "Intel (R): From CVEorg collector", "x_adpType": "supplier", "x_generator": { "engine": "sadp-cli 1.0.0" }, "providerMetadata": { "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c", "shortName": "redhat-SADP", "dateUpdated": "2026-06-30T12:07:20.935Z" } } ] } }