The latest security information on Intel® products.

Summary: 

Potential security vulnerabilities for some Intel® Graphics software may allow escalation of privilege or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities.

Vulnerability Details: 

CVEID:  CVE-2025-20023

Description: Incorrect default permissions for some Intel® Graphics Driver software installers may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score 3.1: 6.7 Medium

CVSS Vector 3.1:  CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CVSS Base Score 4.0: 5.4 Medium

CVSS Vector 4.0:  CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CVEID:  CVE-2025-27717

Description: Uncontrolled search path for some Intel® Graphics Driver software may allow an authenticated user to potentially enable escalation of privilege via local access

CVSS Base Score 3.1: 6.7 Medium

CVSS Vector 3.1:  CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CVSS Base Score 4.0: 5.4 Medium

CVSS Vector 4.0:  CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CVEID:  CVE-2025-24515

Description: NULL pointer dereference for some Intel® Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access.

CVSS Base Score 3.1: 6.5 Medium

CVSS Vector 3.1:  CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CVSS Base Score 4.0: 6.8 Medium

CVSS Vector 4.0:  CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

CVEID:  CVE-2025-24835

Description: Protection mechanism failure in the Intel® Graphics Driver for the Intel® Arc™ B-Series graphics before version 32.0.101.6737 may allow an authenticated user to potentially enable denial of service via local access.

CVSS Base Score 3.1: 6.5 Medium

CVSS Vector 3.1:  CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CVSS Base Score 4.0: 4.1 Medium

CVSS Vector 4.0:  CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

Intel® Graphics Drivers for:

• Intel® Arc™ graphics before version 32.0.101.6737.
• Intel® Arc™ B-series graphics before version 32.0.101.6737.
• Intel® Arc™ Pro graphics before version 32.0.101.6637.
• Intel® Data Center GPU Flex Series before version 32.0.101.6733.
• Intel® Iris® Xe graphics before version 32.0.101.6737.
• 7th-10th Gen Intel® Core™ processor family before version 31.0.101.2135.
• Intel Atom®, Pentium®, and Celeron® processors before version 31.0.101.2135.

Recommendation:

Intel recommends updating Intel® Graphics Driver for Intel® Arc™ graphics and Intel® Iris® Xe graphics to version 32.0.101.6737 or later.

Updates are available for download at this location:  

https://www.intel.com/content/www/us/en/download/785597

Intel recommends updating Intel® Graphics Driver for Intel® Arc™ Pro graphics to version 32.0.101.6637 or later.

Updates are available for download at this location:

https://www.intel.com/content/www/us/en/download/741626/

Intel recommends updating Intel® Graphics Driver for Intel® Data Center GPU Flex Series to version 32.0.101.6733 or later.

Updates are available for download at this location:

https://www.intel.com/content/www/us/en/download/780185

Intel recommends updating Intel® Graphics Driver for 7th-10th Gen Intel® Core™ processor family and related Intel Atom®, Pentium® and Celeron® processors to version 31.0.101.2135 or later.

Updates are available for download at this location:

https://www.intel.com/content/www/us/en/download/776137

Acknowledgements:

Intel would like to thank @sim0nsecurity (CVE-2025-20023) and houjingyi (CVE-2025-27717) for reporting these issues.

Intel would like to thank Intel employee Artem Shishkin (CVE-2025-24515) for reporting this issue.  The following issue was also found internally by Intel employees, CVE-2025-24835.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.