Uncontrolled Search Path Vulnerability in Intel High Level Synthesis Compiler
CVE-2024-36280

5.4MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) High Level Synthesis Compiler Software
Vendor: CVE Published:; 12 February 2025

What is CVE-2024-36280?

The vulnerability in Intel High Level Synthesis Compiler software allows an authenticated user to exploit an uncontrolled search path, potentially leading to escalation of privilege through local access. This risk may enable unauthorized actions within the software environment, making it crucial for users to apply the latest updates to safeguard their systems. For further details and mitigation steps, refer to Intel's advisory.

Affected Version(s)

Intel(R) High Level Synthesis Compiler software before version 24.2

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

5.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 12, 2025
Vulnerability Reserved
Jun 29, 2024