Uncontrolled Search Path in Intel oneAPI DPC++/C++ Compiler Software
CVE-2024-47795

5.4MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Oneapi Dpc++/c++ Compiler Software
Vendor: CVE Published:; 13 May 2025

What is CVE-2024-47795?

The vulnerability affects the Intel oneAPI DPC++/C++ Compiler software versions prior to 2025.0.0. It arises from an uncontrolled search path that could allow an authenticated user with local access to exploit this flaw, potentially leading to an escalation of privilege. Users are encouraged to upgrade to the latest version to mitigate this risk.

Affected Version(s)

Intel(R) oneAPI DPC++/C++ Compiler software before version 2025.0.0

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

5.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2025
Vulnerability Reserved
Oct 9, 2024