CVE-2015-2291

7.8

CVSS
High

PUBLISHED

(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a...

Exploited in the wild Used in malware Low complexity No user interaction

Vendor: Intel
Product: Ethernet diagnostics driver for Windows
Published: Aug 09, 2017
EPSS: —

Description

(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call.

windows cisa malware ransomware nessus_scanner

CVSS scores

CVSS v3.1 7.8 High

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0 7.2

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitation status

Exploited in the wild

Recorded 2023-02-10 00:00:00 UTC · Source

Used in malware

Recorded 2023-02-10 00:00:00 UTC · Source

SSVC decision points

Exploitation: active
Automatable: No
Technical impact: total

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source	Added
CISA	Feb 10, 2023

Scanner integrations

Scanner	Reference	Detected
Nessus	https://www.tenable.com/plugins/nessus/171959	Jun 02, 2025

Potential proof of concepts

These PoCs are unverified and could contain malware. Use at your own risk.

gmh5225/CVE-2015-2291

github · Created 2022-06-28 17:46:19 UTC · 0 stars

(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call.

Tare05/Intel-CVE-2015-2291

github · Created 2020-02-22 13:27:16 UTC · 4 stars

PoC exploit for CVE-2015-2291

Vulnerability detail