CVE-2024-23907

Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local access.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:intel:high_level_synthesis_compiler:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_dpc\+\+\/c\+\+_compiler:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:quartus_prime:*:*:*:*:pro:*:*:*

History

06 Sep 2024, 20:38

Type Values Removed Values Added
Summary
  • (es) La ruta de búsqueda no controlada en algún software Intel(R) High Level Synthesis Compiler anterior a la versión 23.4 puede permitir que un usuario autenticado habilite potencialmente la escalada de privilegios a través del acceso local.
CVSS v2 : unknown
v3 : 6.7
v2 : unknown
v3 : 7.8
First Time Intel oneapi Dpc\+\+\/c\+\+ Compiler
Intel quartus Prime
Intel
Intel high Level Synthesis Compiler
References () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01113.html - () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01113.html - Vendor Advisory
CPE cpe:2.3:a:intel:high_level_synthesis_compiler:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:quartus_prime:*:*:*:*:pro:*:*:*
cpe:2.3:a:intel:oneapi_dpc\+\+\/c\+\+_compiler:*:*:*:*:*:*:*:*

14 Aug 2024, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-14 14:15

Updated : 2024-09-06 20:38


NVD link : CVE-2024-23907

Mitre link : CVE-2024-23907

CVE.ORG link : CVE-2024-23907


JSON object : View

Products Affected

intel

  • oneapi_dpc\+\+\/c\+\+_compiler
  • high_level_synthesis_compiler
  • quartus_prime
CWE
CWE-427

Uncontrolled Search Path Element