CVE-2024-28950
First published: Wed Nov 13 2024(Updated: )
Uncontrolled search path for some Intel(R) oneAPI Math Kernel Library software for Windows before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel oneAPI Math Kernel Library | <2024.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-28950?
CVE-2024-28950 is classified as a moderate-severity vulnerability.
Who is affected by CVE-2024-28950?
CVE-2024-28950 affects users of Intel oneAPI Math Kernel Library software for Windows versions prior to 2024.2.
How does CVE-2024-28950 lead to escalation of privilege?
CVE-2024-28950 allows an authenticated user to exploit an uncontrolled search path, potentially enabling them to escalate privileges.
How do I fix CVE-2024-28950?
To mitigate CVE-2024-28950, update to Intel oneAPI Math Kernel Library software version 2024.2 or later.
What are the potential consequences of CVE-2024-28950?
The potential consequences of CVE-2024-28950 include unauthorized access and control over systems by exploiting local privileges.
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/severity
- agent/event
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/intel
- canonical/intel oneapi math kernel library