How severe is CVE-2026-20709?

Medium severity. CVSS v3 base score is 6.6 out of 10.

Vulnerability in Intel(r) Pentium(r) Processor Silver Series, Celeron(r) J N Series May Allow An Escalation Of Privilege. Hardware Reverse Engineer Adversary With A Privileged User Combined High Complexity Attack Enable This Result Potentially Occur Via Physical Access When Requirements Are Present Special Internal Knowledge And Requires No Interaction. The Potential Vulnerability Impact Confidentiality (High), Integrity (None) Availability Vulnerable System, Resulting In Subsequent System (High) Impacts.

CVE-2026-20709

Use of Default Cryptographic Key in the hardware for some Intel(R) Pentium(R) Processor Silver Series, Intel(R) Celeron(R) Processor J Series, Intel(R) Celeron(R) Processor N Series may allow an escalation of privilege. Hardware reverse en…

EPSS: 0.000 (5.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.6 (Medium). Vector: CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N.

Affected products

N/a Intel(r) Pentium(r) Processor Silver Series, Celeron(r) J N Series May Allow An Escalation Of Privilege. Hardware Reverse Engineer Adversary With A Privileged User Combined High Complexity Attack Enable This Result Potentially Occur Via Physical Access When Requirements Are Present Special Internal Knowledge And Requires No Interaction. The Potential Vulnerability Impact Confidentiality (High), Integrity (None) Availability Vulnerable System, Resulting In Subsequent System (High) Impacts. — versions See references

Weakness classification (CWE)

CWE-1394

References

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-00609.html

Frequently asked questions

What is CVE-2026-20709?: CVE-2026-20709 is a medium-severity vulnerability in Intel(r) Pentium(r) Processor Silver Series, Celeron(r) J N Series May Allow An Escalation Of Privilege. Hardware Reverse Engineer Adversary With A Privileged User Combined High Complexity Attack Enable This Result Potentially Occur Via Physical Access When Requirements Are Present Special Internal Knowledge And Requires No Interaction. The Potential Vulnerability Impact Confidentiality (High), Integrity (None) Availability Vulnerable System, Resulting In Subsequent System (High) Impacts., classified under CWE-1394. CVSS score: 6.6/10. Published 2026-04-08.
How severe is CVE-2026-20709?: Medium severity. CVSS v3 base score is 6.6 out of 10.