Ycdxsb

**Name of the Vulnerable Software and Affected Versions** Visual Studio (affected versions not specified) **Description** The issue is related to an uncontrolled search path element in Visual Studio, allowing an authorized attacker to elevate privileges locally. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** EPCT software versions prior to 1.42.8.0 **Description** The issue concerns an uncontrolled search path in some EPCT software, which may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For versions prior to 1.42.8.0, update to version 1.42.8.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Intel(R) QuickAssist Technology software versions prior to 2.2.0 **Description** The issue is related to an uncontrolled search path in some Intel(R) QuickAssist Technology software. This could potentially allow an authenticated user to enable escalation of privilege via local access. **Recommendations** For versions prior to 2.2.0, update to version 2.2.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Intel(R) Advisor versions prior to 2024.2 **Description** The issue concerns an uncontrolled search path in some Intel(R) Advisor software, which may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For versions prior to 2024.2, update to version 2024.2 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: ModelSim versions prior to V2025.1 Questa versions prior to V2025.1 Description: A vulnerability has been identified that allows an authenticated local attacker to inject arbitrary code and escalate privileges. This is possible because an example setup script contained in affected applications loads a specific executable file from the current working directory. If administrators or processes with elevated privileges launch the script from a user-writable directory, the attacker could exploit this issue. Recommendations: For ModelSim versions prior to V2025.1, update to version V2025.1 or later to resolve the issue. For Questa versions prior to V2025.1, update to version V2025.1 or later to resolve the issue. As a temporary workaround, consider restricting the launch of the setup script from user-writable directories to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Intel(R) Quartus(R) Prime versions prior to 23.1.1 Patch 1.01std **Description** The issue concerns an uncontrolled search path in some Intel(R) Quartus(R) Prime Software, which may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For versions prior to 23.1.1 Patch 1.01std, update to version 23.1.1 Patch 1.01std or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Intel(R) VPL versions prior to 2023.4.0 **Description** The issue concerns an uncontrolled search path in some Intel(R) VPL software, which may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For versions prior to 2023.4.0, update to version 2023.4.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Intel(R) GPA and Intel(R) GPA Framework (affected versions not specified) **Description** The issue concerns incorrect default permissions for some software installers, potentially allowing an authenticated user to enable escalation of privilege via local access. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Intel(R) MPI Library for Windows versions prior to 2021.13 **Description** The issue concerns an uncontrolled search path in some Intel(R) MPI Library for Windows software. This could potentially allow an authenticated user to enable escalation of privilege via local access. **Recommendations** For versions prior to 2021.13, update to version 2021.13 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Intel(R) High Level Synthesis Compiler versions prior to 24.2 **Description** The issue is related to an uncontrolled search path in some Intel(R) High Level Synthesis Compiler software. This may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For versions prior to 24.2, update to version 24.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Intel(R) Server M50FCP family versions prior to R01.02.0002 **Description** The issue is related to an uncontrolled search path element in some BIOS and System Firmware Update Packages. This could potentially allow a privileged user to enable escalation of privilege via local access. **Recommendations** For versions prior to R01.02.0002, update to version R01.02.0002 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Visual Studio Code (affected versions not specified) Description: The issue concerns an elevation of privilege vulnerability. No specific details about affected devices, real-world incidents, or technical exploitation details such as API endpoints, vulnerable parameters, or function names are provided. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FPGA Support Package for the Intel(R) oneAPI DPC++/C++ Compiler software for Windows versions prior to 2024.2 **Description** The issue is related to an uncontrolled search path in the FPGA Support Package for the Intel(R) oneAPI DPC++/C++ Compiler software. This may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For versions prior to 2024.2, update to version 2024.2 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Visual Studio Code JS Debug Extension (affected versions not specified) Description: The issue concerns an elevation of privilege vulnerability in the JavaScript debugging extension of Visual Studio Code. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Intel(R) Ethernet Adapter Complete Driver Pack versions prior to 29.1 **Description** The issue is related to an uncontrolled search path in some installations of the Intel(R) Ethernet Adapter Complete Driver Pack. This could potentially allow an authenticated user to enable escalation of privilege via local access. **Recommendations** For versions prior to 29.1, update to version 29.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Microsoft Visual Studio (affected versions not specified) **Description** The issue is related to insufficient access control in Microsoft Visual Studio, which could allow an attacker to elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Intel(R) IPP software for Windows versions prior to 2021.12.0 **Description** The issue is related to an uncontrolled search path in some Intel(R) IPP software for Windows, which may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For versions prior to 2021.12.0, update to version 2021.12.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Intel(R) Quartus(R) Prime Standard Edition software for Windows versions prior to 23.1.1 **Description** The issue is related to an uncontrolled search path in some versions of the Intel(R) Quartus(R) Prime Standard Edition software for Windows. This may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For versions prior to 23.1.1, update to version 23.1.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Intel(R) Graphics Offline Compiler for OpenCL(TM) Code software for Windows versions prior to 2024.1.0.142 Intel(R) Graphics Driver versions prior to 31.0.101.5445 **Description** The issue is related to an uncontrolled search path in the Intel(R) Graphics Offline Compiler for OpenCL(TM) Code software for Windows. This could allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For Intel(R) Graphics Offline Compiler for OpenCL(TM) Code software for Windows versions prior to 2024.1.0.142, update to version 2024.1.0.142 or later. For Intel(R) Graphics Driver versions prior to 31.0.101.5445, update to version 31.0.101.5445 or later.

**Name of the Vulnerable Software and Affected Versions** JAM STAPL Player versions prior to 2.6.1 **Description** The issue is related to improper access control in the software, which may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For versions prior to 2.6.1, update to version 2.6.1 or later to resolve the issue.