Vulnerability Description
Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Advisor | < 2023.2 |
| Intel | Cluster Checker | 2021.7.3 |
| Intel | Distribution For Python | 2023.1 |
| Intel | Inspector | < 2023.2 |
| Intel | Integrated Performance Primitives | 2021.9 |
| Intel | Integrated Performance Primitives Cryptography | < 2021.8 |
| Intel | Mpi Library | < 2021.10 |
| Intel | Oneapi Ai Analytics Toolkit | 2023.2 |
| Intel | Oneapi Base Toolkit | < 2023.2 |
| Intel | Oneapi Deep Neural Network | < 2023.2 |
| Intel | Oneapi Hpc Toolkit | 2023.2 |
| Intel | Oneapi Iot Toolkit | 2023.2 |
| Intel | Oneapi Math Kernel Library | < 2023.2 |
| Intel | Threading Building Blocks | < 2021.10 |
| Intel | Trace Analyzer And Collector | 2021.10.0 |
| Intel | Vtune Profiler | < 2023.2 |
Related Weaknesses (CWE)
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.Vendor Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.Vendor Advisory
FAQ
What is CVE-2023-35121?
CVE-2023-35121 is a vulnerability with a CVSS score of 7.8 (HIGH). Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable ...
How severe is CVE-2023-35121?
CVE-2023-35121 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-35121?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Advisor, Intel Cluster Checker, Intel Distribution For Python, Intel Inspector, Intel Integrated Performance Primitives.