# CVE-2015-2291

> (1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call.

- **CVSS:** 7.8 (HIGH)
- **EPSS:** 4.9%
- **CISA KEV:** yes (known ransomware use)
- **CWE:** CWE-20

Canonical: https://intel.threadlinqs.com/cve/CVE-2015-2291
Full threat coverage + IOCs via the Threadlinqs MCP server (Purple tier): https://intel.threadlinqs.com/mcp