Uncontrolled Search Path Vulnerability in Intel(R) oneAPI DPC++/C++ Compiler
CVE-2025-20627

5.4MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Oneapi Dpc++/c++ Compiler Software
Vendor: CVE Published:; 12 August 2025

What is CVE-2025-20627?

A flaw in Intel's oneAPI DPC++/C++ Compiler prior to version 2025.0.1 can allow an authenticated user to exploit an uncontrolled search path. This vulnerability may lead to privilege escalation through unauthorized access. Proper mitigation measures should be implemented to secure the environment and prevent potential local exploitation.

Affected Version(s)

Intel(R) oneAPI DPC++/C++ Compiler software before version 2025.0.1

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

5.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 12, 2025
Vulnerability Reserved
Oct 12, 2024

JSON