AI description
CVE-2015-2291 is a vulnerability found in the Intel Ethernet diagnostics driver for Windows, specifically affecting IQVW32.sys and IQVW64.sys versions before 1.3.1.0. It stems from improper input validation within the driver. A local attacker can exploit this vulnerability by sending crafted IOCTL calls (specifically 0x80862013, 0x8086200B, 0x8086200F, or 0x80862007). Successful exploitation could lead to a denial of service or the execution of arbitrary code with kernel privileges. This vulnerability is listed in CISA's Known Exploited Vulnerabilities Catalog and has been used in ransomware campaigns.
- Description
- (1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call.
- Source
- cve@mitre.org
- NVD status
- Deferred
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Data from CISA
- Vulnerability name
- Intel Ethernet Diagnostics Driver for Windows Denial-of-Service Vulnerability
- Exploit added on
- Feb 10, 2023
- Exploit action due
- Mar 3, 2023
- Required action
- Apply updates per vendor instructions.
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
20
Ransomware vulns with highest exploit likelihood ⬆️ (past 30d): - CVE-2021-26857 (Exchange On-Pre..) +210.76% - CVE-2022-26500 (Veeam Backup & ..) +24.70% - CVE-2015-2291 (IQVW32.sys (BYO..) +22.80% - CVE-2023-27532 (Veeam Backup & ..) +17.62% - CVE-2021-27876 (Verit
@DefusedCyber
22 Sept 2025
10416 Impressions
13 Retweets
89 Likes
63 Bookmarks
1 Reply
1 Quote
Ransomware vulns with highest exploit likelihood ⬆️ (past 30d): - CVE-2015-2291 (IQVW32.sys (BYO..) +23.34% - CVE-2024-26169 (Windows Error R..) +9.58% - CVE-2023-20269 (ASA..) +6.84% - CVE-2023-20269 (FTD..) +6.84% - CVE-2022-27510 (NetScaler ADC..) +6.76%
@DefusedCyber
15 Sept 2025
8370 Impressions
10 Retweets
79 Likes
38 Bookmarks
1 Reply
1 Quote
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:ethernet_diagnostics_driver_iqvw32.sys:1.03.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "94AFBAC8-D782-4CDC-B961-0EEAD97DA0A3"
},
{
"criteria": "cpe:2.3:a:intel:ethernet_diagnostics_driver_iqvw64.sys:1.03.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B82125E5-B02D-4021-8D5C-DEB11C87CAFB"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]