Uncontrolled Search Path Vulnerability in Intel oneAPI DPC++C++ Compiler Software
CVE-2025-32038
5.4MEDIUM
Key Information:
- Vendor
Intel
- Vendor
- CVE Published:
- 11 November 2025
What is CVE-2025-32038?
The Intel oneAPI DPC++C++ Compiler software is susceptible to an uncontrolled search path vulnerability, which may allow an unprivileged authenticated user to escalate privileges. This vulnerability arises due to a flaw in the handling of user applications and requires local access alongside a complex attack strategy. The attack could be executed without significant internal knowledge, although it necessitates active interaction from the user. If successfully exploited, this could severely impact the system's confidentiality, integrity, and availability.
Affected Version(s)
Intel oneAPI DPC++C++ Compiler software before version 2025.0.1
References
CVSS V4
Score:
5.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
Unknown
Timeline
Vulnerability published
Vulnerability Reserved