Intel oneAPI Toolkit Vulnerability Could Lead to Denial of Service
CVE-2023-28715

5.5MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Oneapi Toolkit And Component Software Installers
Vendor: CVE Published:; 14 February 2024

What is CVE-2023-28715?

The vulnerability arises from improper access control within certain versions of Intel's oneAPI Toolkit and its associated component software installers. This flaw may be exploited by an authenticated user with local access, potentially enabling them to conduct denial of service attacks. It emphasizes the necessity for robust access controls to prevent unauthorized exploitation of software functionality. Users are encouraged to update to version 4.3.2 or later to mitigate this vulnerability.

Affected Version(s)

Intel(R) oneAPI Toolkit and component software installers before version 4.3.2

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 14, 2024
Vulnerability Reserved
Apr 7, 2023