Intel oneAPI DPC++/C++ Compiler Privilege Escalation Vulnerability (INTEL-SA-01243/CVE-2024-47795)

Critical Vulnerability Information Intel ID: INTEL-SA-01243 Category: Software Vulnerability Impact: Escalation of Privilege Severity Rating: MEDIUM CVE ID: CVE-2024-47795 Description: In certain Intel® oneAPI DPC++/C++ Compiler software versions prior to 2025.0.0, uncontrolled search paths may allow an authenticated user with local access to potentially escalate privileges. CVSS Score: - CVSS Base Score 3.1: 6.7 Medium - CVSS Vector 3.1: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:A/H - CVSS Base Score 4.0: 5.4 Medium - CVSS Vector 4.0: CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:R/VCH/VAH/VAN/SCN/SIN/SAN Affected Products: - Intel® oneAPI DPC++/C++ Compiler software before version 2025.0.0 - FPGA Support Package for the Intel® oneAPI DPC++/C++ Compiler software for Windows before version 2025.0.0. Recommended Actions: - Update Intel® oneAPI DPC++/C++ Compiler software to version 2025.0.0 or later. - Update FPGA Support Package to version 2025.0.0 or later. Release and Revision History: - Initial Release Date: 05/13/2025 - Last Revised Date: 05/13/2025

Goal Reached Thanks to every supporter — we hit 100%!

Intel oneAPI DPC++/C++ Compiler Privilege Escalation Vulnerability (INTEL-SA-01243/CVE-2024-47795)