Zero Day MonitorZDM

← Back to list

—

CVE-2026-20718

intel · Intel(R) NPU Driver software installers

CVE-2026-20718: Incorrect default permissions for some Intel(R) NPU Driver software installers before version 32.0.100.4511 within Ring

Description

Incorrect default permissions for some Intel(R) NPU Driver software installers before version 32.0.100.4511 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Affected Products

Vendor	Product	Versions
intel	Intel(R) NPU Driver software installers	before version 32.0.100.4511

References

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01424.html

Related News (1 articles)

Tier C

VulDB19h ago

CVE-2026-20718 | Intel NPU Driver software installers prior 32.0.100.4511 default permission (intel-sa-01424)

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

CWECWE-276

PublishedMay 12, 2026

Last enriched18h ago

Trending Score23

Source articles1

Independent1

Info Completeness7/14

Missing: cvss, epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-20794EXP

CVE-2026-20794: Buffer overflow for the Intel(R) Data Center Graphics Driver for VMware ESXi software before version 2.0.2 within Ring 1

HIGHCVE-2026-20879EXP

CVE-2026-20879: Out-of-bounds write for the Intel(R) Data Center Graphics Driver for VMware ESXi software before version 2.0.2 within Ri

HIGHCVE-2026-20751EXP

CVE-2026-20751: Out-of-bounds read for the Intel(R) Data Center Graphics Driver for VMware ESXi software before version 2.0.2 within Rin

NONECVE-2025-35969

CVE-2025-35969: Uncontrolled search path for some Intel(R) Server Firmware Update Utility Software before version 16.0.12. within Ring 3

Multiple Vulnerabilities in Intel Processors Allow Local Privilege Escalation and Information Disclosure

Pin to Dashboard

Verification

State: verified

Confidence: 0%

Vulnerability Timeline

CVE Published

May 12, 2026

Discovered by ZDM

May 12, 2026