CVE-2022-38136 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-38136 PUBLISHED CVSS 6.7 MEDIUM

Reported by intel · Published February 6, 2023

Uncontrolled search path in the Intel(R) oneAPI DPC++/C++ Compiler for Windows and Intel Fortran Compiler for Windows before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Risk Scores

CVSS v3.1

6.7

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
n/a	Intel(R) oneAPI DPC++/C++ Compiler for Windows and IntelÂ® Fortran Compiler for Windows before version 2022.2.1 for some Intel(R) oneAPI Toolkits	Intel(R) oneAPI DPC++/C++ Compiler for Windows and IntelÂ® Fortran Compiler for Windows before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1
n/a	Intel(R) oneAPI DPC++/C++ Compiler for Windows and IntelÂ® Fortran Compiler for Windows before version 2022.2.1 for some Intel(R) oneAPI Toolkits	Intel(R) oneAPI DPC++/C++ Compiler for Windows and IntelÂ® Fortran Compiler for Windows before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1

Timeline

Feb 6, 2023 CVE Published
Feb 7, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 18, 2023 EPSS Score
Apr 27, 2023 EPSS Score
Jun 5, 2023 EPSS Score
Jul 14, 2023 EPSS Score
Aug 23, 2023 EPSS Score
Oct 1, 2023 EPSS Score
Nov 9, 2023 EPSS Score
Dec 19, 2023 EPSS Score
Jan 27, 2024 EPSS Score

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00773.html

Open in Interactive Console →