PT-2023-1618 · Intel · Intel C++ Compiler Classic+2

Cristiano Giuffrida

Publicado

2023-01-10

Atualizado

2023-03-17

CVE-2022-40196

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Intel(R) oneAPI DPC++/C++ Compiler versions prior to 2022.2.1 Intel C++ Compiler Classic versions prior to 2021.7.1 Intel(R) oneAPI Toolkits versions prior to 2022.3.1

Description The issue is related to improper access control in the Intel(R) oneAPI DPC++/C++ Compiler and Intel C++ Compiler Classic, which may allow an authenticated user to potentially enable escalation of privilege via local access. This vulnerability is associated with deficiencies in access control, which can be exploited by an attacker to elevate their privileges.

Recommendations For Intel(R) oneAPI DPC++/C++ Compiler versions prior to 2022.2.1, update to version 2022.2.1 or later. For Intel C++ Compiler Classic versions prior to 2021.7.1, update to version 2021.7.1 or later. For Intel(R) oneAPI Toolkits versions prior to 2022.3.1, update to version 2022.3.1 or later.

Correção

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284

Identificadores relacionados

BDU:2023-01127

CVE-2022-40196

Produtos afetados

Intel C++ Compiler Classic

Intel Oneapi Dpc++/C++ Compiler

Intel Oneapi Toolkit

PT-2023-1618 · Intel · Intel C++ Compiler Classic+2

CVE-2022-40196

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4