CVE-2026-20709
CVE-2026-20709
In short
Some Intel Pentium Silver, Celeron J, and Celeron N processors use a default cryptographic key in hardware that could allow an attacker with physical access and special knowledge to gain elevated privileges and access sensitive data.
Technical detail
CWE-1394 involves use of a hardcoded or default cryptographic key in hardware. Attack vector requires physical access, reverse engineering capability, privileged user context, and specialized internal knowledge. Primary impact is confidentiality breach at system level; no integrity or availability impact.
Summary generated and translated by AI from the official description.
Use of Default Cryptographic Key in the hardware for some Intel(R) Pentium(R) Processor Silver Series, Intel(R) Celeron(R) Processor J Series, Intel(R) Celeron(R) Processor N Series may allow an escalation of privilege. Hardware reverse engineer adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via physical access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (high) and availability (none) impacts.
CVSS:4.0/AV:P/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:N
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →