CVE-2024-34165

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Nov 13, 2024
Updated: Nov 15, 2024
CWE ID 427

Summary

CVE-2024-34165 is a newly disclosed vulnerability affecting Intel(R) oneAPI DPC++/C++ Compiler versions prior to 2024.2. This issue involves an uncontrolled search path, which can potentially enable privilege escalation for authenticated users through local access. By manipulating the compiler's configuration settings, an attacker may be able to execute arbitrary commands with elevated privileges, posing a significant security risk. Intel has released a patch to address this vulnerability, and users are strongly encouraged to update their systems as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share