Uncontrolled Search Path Vulnerability in Intel oneAPI Toolkit Could Lead to Escalation of Privilege
CVE-2023-32618
7.8HIGH
Key Information:
- Vendor
- Intel
- Vendor
- CVE Published:
- 14 February 2024
Summary
An issue has been identified in Intel's oneAPI Toolkit and associated component software installers that allows authenticated users to potentially escalate their privileges due to an uncontrolled search path. This vulnerability affects versions before 4.3.2, prompting users to take measures to secure their installations and mitigate potential risks. The flaw exploits the way the installers handle search paths during the installation process, making it crucial for users to update their software to the latest version to prevent unauthorized local access and privileges escalation.
Affected Version(s)
Intel(R) oneAPI Toolkit and component software installers before version 4.3.2
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved