Uncontrolled Search Path Element in Intel MPI Library Affects OneAPI HPC Toolkit
CVE-2022-26052

6.7MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Mpi Library For Intel(r) Oneapi HPc Toolkit
Vendor: CVE Published:; 16 February 2023

What is CVE-2022-26052?

The Intel MPI Library prior to version 2021.6 in the Intel oneAPI HPC Toolkit contains a flaw related to uncontrolled search path elements. This vulnerability allows an authenticated user to potentially escalate privileges via local access, posing a risk to the integrity of systems relying on the affected library. For those utilizing Intel's tools, immediate attention to system configuration and updates is recommended to mitigate potential exploitation.

Affected Version(s)

Intel(R) MPI Library for Intel(R) oneAPI HPC Toolkit before version 2021.6

References

http://www.intel.com/content/www/us/en/security-center/ad...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 16, 2023
Vulnerability Reserved
Mar 9, 2022

JSON