CVE-2023-22355
First published: Wed May 10 2023(Updated: )
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Advisor | <2023.0 | |
| Intel Cpu Runtime | <2023.0 | |
| Intel Distribution for Python | <2023.0 | |
| Intel Dpc\+\+ Compatibility Tool | <2023.0 | |
| Intel Embree Ray Tracing Kernel Library | <2023.0 | |
| Intel Fortran Compiler | <2023.0 | |
| Intel Implicit Spmd Program Compiler | <1.18.1 | |
| Intel Inspector | <2023.0 | |
| Intel Integrated Performance Primitives | <2021.7 | |
| Intel Integrated Performance Primitives Cryptography | <2021.6.3 | |
| Intel MPI Library | <2021.8 | |
| Intel Oneapi Base Toolkit | <2023.0 | |
| Intel Oneapi Data Analytics Library | <2023.0 | |
| Intel Oneapi Deep Neural Network Library | <2023.0 | |
| Intel Oneapi Dpc\+\+\/c\+\+ Compiler | <2023.0 | |
| Intel Oneapi Dpc\+\+ Library | <2022.0 | |
| Intel Oneapi Hpc Toolkit | <2023.0.0 | |
| Intel Oneapi Hpc Toolkit | =2023.0.0 | |
| Intel Oneapi Iot Toolkit | <2023.0 | |
| Intel Oneapi Math Kernel Library | <2023.0 | |
| Intel Oneapi Rendering Toolkit | <2023.0 | |
| Intel Oneapi Threading Building Blocks | <2021.8 | |
| Intel Oneapi Toolkit And Component Software Installers | <4.3.0.251 | |
| Intel Oneapi Video Processing Library | <2023.0 | |
| Intel Open Image Denoise | <1.4.3 | |
| Intel Open Volume Kernel Library | <2023.0 | |
| Intel Ospray | <2023.0 | |
| Intel Ospray Studio | <2023.0 | |
| Intel Trace Analyzer and Collector | <2021.8.0 | |
| Intel Vtune Profiler | <2023.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-22355?
CVE-2023-22355 is a vulnerability that allows an authenticated user to potentially enable escalation of privilege via local access in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251.
What is the severity of CVE-2023-22355?
The severity of CVE-2023-22355 is high, with a severity value of 7.8.
Which software is affected by CVE-2023-22355?
The following software is affected by CVE-2023-22355: Intel Advisor, Intel CPU Runtime, Intel Distribution for Python, Intel Dpc++ Compatibility Tool, Intel Embree Ray Tracing Kernel Library, Intel Fortran Compiler, Intel Implicit Spmd Program Compiler, Intel Inspector, Intel Integrated Performance Primitives, Intel Integrated Performance Primitives Cryptography, Intel MPI Library, Intel Oneapi Base Toolkit, Intel Oneapi Data Analytics Library, Intel Oneapi Deep Neural Network Library, Intel Oneapi Dpc++/c++ Compiler, Intel Oneapi Dpc++ Library, Intel Oneapi Hpc Toolkit, Intel Oneapi Iot Toolkit, Intel Oneapi Math Kernel Library, Intel Oneapi Rendering Toolkit, Intel Oneapi Threading Building Blocks, Intel Oneapi Toolkit and Component Software Installers, Intel Oneapi Video Processing Library, Intel Open Image Denoise, Intel Open Volume Kernel Library, Intel Ospray, Intel Ospray Studio, Intel Trace Analyzer and Collector, Intel Vtune Profiler.
How can I fix CVE-2023-22355?
To fix CVE-2023-22355, you should update your Intel(R) oneAPI Toolkit and component software installers to version 4.3.0.251 or later.
Where can I find more information about CVE-2023-22355?
You can find more information about CVE-2023-22355 on the Intel Security Center Advisory page at [link](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html).
- collector/nvd-index
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/event
- agent/severity
- agent/description
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/intel
- canonical/intel advisor
- canonical/intel cpu runtime
- canonical/intel distribution for python
- canonical/intel dpc\+\+ compatibility tool
- canonical/intel embree ray tracing kernel library
- canonical/intel fortran compiler
- canonical/intel implicit spmd program compiler
- canonical/intel inspector
- canonical/intel integrated performance primitives
- canonical/intel integrated performance primitives cryptography
- canonical/intel mpi library
- canonical/intel oneapi base toolkit
- canonical/intel oneapi data analytics library
- canonical/intel oneapi deep neural network library
- canonical/intel oneapi dpc\+\+\/c\+\+ compiler
- canonical/intel oneapi dpc\+\+ library
- canonical/intel oneapi hpc toolkit
- version/intel oneapi hpc toolkit/2023.0.0
- canonical/intel oneapi iot toolkit
- canonical/intel oneapi math kernel library
- canonical/intel oneapi rendering toolkit
- canonical/intel oneapi threading building blocks
- canonical/intel oneapi toolkit and component software installers
- canonical/intel oneapi video processing library
- canonical/intel open image denoise
- canonical/intel open volume kernel library
- canonical/intel ospray
- canonical/intel ospray studio
- canonical/intel trace analyzer and collector
- canonical/intel vtune profiler