Potential Escalation of Privilege via Local Access in Intel MPI Library Software
CVE-2023-41091

7.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Mpi Library Software
Vendor: CVE Published:; 14 February 2024

Summary

An uncontrolled search path vulnerability exists in the Intel MPI Library prior to version 2021.11. This vulnerability may allow an authenticated user with local access to alter the behavior of the library, enabling potential escalation of privileges. The flaw comes from improper handling of environment variables or paths, leading to execution of unauthorized code. Users and administrators are recommended to upgrade to the latest version to mitigate risks associated with this vulnerability.

Affected Version(s)

Intel(R) MPI Library Software before version 2021.11

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 14, 2024
Vulnerability Reserved
Sep 14, 2023