Intel oneAPI Toolkit Vulnerability Could Lead to Denial of Service
CVE-2023-28715
5.5MEDIUM
Key Information:
- Vendor
- Intel
- Vendor
- CVE Published:
- 14 February 2024
Summary
The vulnerability arises from improper access control within certain versions of Intel's oneAPI Toolkit and its associated component software installers. This flaw may be exploited by an authenticated user with local access, potentially enabling them to conduct denial of service attacks. It emphasizes the necessity for robust access controls to prevent unauthorized exploitation of software functionality. Users are encouraged to update to version 4.3.2 or later to mitigate this vulnerability.
Affected Version(s)
Intel(R) oneAPI Toolkit and component software installers before version 4.3.2
References
CVSS V3.1
Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved