CVE-2024-23907

Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local access.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:intel:high_level_synthesis_compiler:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_dpc\+\+\/c\+\+_compiler:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:quartus_prime:*:*:*:*:pro:*:*:*

History

06 Sep 2024, 20:38

Type Values Removed Values Added
First Time Intel oneapi Dpc\+\+\/c\+\+ Compiler
Intel high Level Synthesis Compiler
Intel
Intel quartus Prime
References () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01113.html - () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01113.html - Vendor Advisory
CPE cpe:2.3:a:intel:oneapi_dpc\+\+\/c\+\+_compiler:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:high_level_synthesis_compiler:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:quartus_prime:*:*:*:*:pro:*:*:*
CVSS v2 : unknown
v3 : 6.7
v2 : unknown
v3 : 7.8
Summary
  • (es) La ruta de búsqueda no controlada en algún software Intel(R) High Level Synthesis Compiler anterior a la versión 23.4 puede permitir que un usuario autenticado habilite potencialmente la escalada de privilegios a través del acceso local.

14 Aug 2024, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-14 14:15

Updated : 2024-09-06 20:38


NVD link : CVE-2024-23907

Mitre link : CVE-2024-23907

CVE.ORG link : CVE-2024-23907


JSON object : View

Products Affected

intel

  • high_level_synthesis_compiler
  • quartus_prime
  • oneapi_dpc\+\+\/c\+\+_compiler
CWE
CWE-427

Uncontrolled Search Path Element