CVE-2026-20718

Published: Mag 12, 2026 Last Modified: Mag 12, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 5,4

Source: [email protected]

Attack Vector: local

Attack Complexity: high

Privileges Required: low

User Interaction: active

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

Incorrect default permissions for some Intel(R) NPU Driver software installers before version 32.0.100.4511 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

276

Incorrect Default Permissions

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Integrity

Potential Impacts:

Read Application Data Modify Application Data

Applicable Platforms

Technologies: ICS/OT, Not Technology-Specific

Likelihood of Exploit: Medium

View CWE Details

https://intel.com/content/www/us/en/security-center/advisor…

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01424.html

CVE-2026-20718

Description

Incorrect Default Permissions

Common Consequences

Applicable Platforms

Iscriviti alla newsletter