PT-2023-1615 · Intel · Intel Oneapi Toolkit+2
Chunyang Dai
+1
·
Published
2023-01-10
·
Updated
2023-03-17
·
CVE-2022-38136
CVSS v3.1
7.3
High
| Vector | AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Intel(R) oneAPI DPC++/C++ Compiler for Windows versions prior to 2022.2.1
Intel(R) oneAPI Toolkits versions prior to 2022.3.1
Intel Fortran Compiler for Windows versions prior to 2022.2.1
Description
The issue is related to an uncontrolled search path in the compiler, which may allow an authenticated user to potentially enable escalation of privilege via local access. This could potentially be exploited by an attacker to elevate their privileges.
Recommendations
For Intel(R) oneAPI DPC++/C++ Compiler for Windows versions prior to 2022.2.1, update to version 2022.2.1 or later.
For Intel(R) oneAPI Toolkits versions prior to 2022.3.1, update to version 2022.3.1 or later.
For Intel Fortran Compiler for Windows versions prior to 2022.2.1, update to version 2022.2.1 or later.
Fix
Uncontrolled Search Path Element
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intel Fortran Compiler
Intel Oneapi Dpc++/C++ Compiler
Intel Oneapi Toolkit