Lucene search

IntelCVE-2024-23909

HistoryAug 14, 2024 - 2:15 p.m.

CVE-2024-23909

2024-08-1414:15:20

CWE-427

intel

web.nvd.nist.gov

intel

fpga sdk

opencl

privilege escalation

uncontrolled search path

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS4

5.4

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

ACTIVE

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N

AI Score

7.2

Confidence

High

EPSS

Percentile

9.5%

JSON

Uncontrolled search path in some Intel® FPGA SDK for OpenCL™ software technology may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected configurations

Nvd

Vulnrichment

Node

intelfield_programmable_gate_array_software_development_kit_for_openclMatch13.0-pro

intelfield_programmable_gate_array_software_development_kit_for_openclMatch13.0-standard

intelfield_programmable_gate_array_software_development_kit_for_openclMatch13.0sp1pro

intelfield_programmable_gate_array_software_development_kit_for_openclMatch13.0sp1standard

intelfield_programmable_gate_array_software_development_kit_for_openclMatch13.1pro

intelfield_programmable_gate_array_software_development_kit_for_openclMatch13.1standard

intelfield_programmable_gate_array_software_development_kit_for_openclMatch14.0pro

intelfield_programmable_gate_array_software_development_kit_for_openclMatch14.0standard

intelfield_programmable_gate_array_software_development_kit_for_openclMatch14.1pro

intelfield_programmable_gate_array_software_development_kit_for_openclMatch14.1standard

intelfield_programmable_gate_array_software_development_kit_for_openclMatch15.0pro

intelfield_programmable_gate_array_software_development_kit_for_openclMatch15.0standard

intelfield_programmable_gate_array_software_development_kit_for_openclMatch15.1pro

intelfield_programmable_gate_array_software_development_kit_for_openclMatch15.1standard

intelfield_programmable_gate_array_software_development_kit_for_openclMatch16.0pro

intelfield_programmable_gate_array_software_development_kit_for_openclMatch16.0standard

intelfield_programmable_gate_array_software_development_kit_for_openclMatch16.1pro

intelfield_programmable_gate_array_software_development_kit_for_openclMatch16.1standard

intelfield_programmable_gate_array_software_development_kit_for_openclMatch17.0pro

intelfield_programmable_gate_array_software_development_kit_for_openclMatch17.0standard

intelfield_programmable_gate_array_software_development_kit_for_openclMatch17.1pro

intelfield_programmable_gate_array_software_development_kit_for_openclMatch17.1standard

intelfield_programmable_gate_array_software_development_kit_for_openclMatch18.0pro

intelfield_programmable_gate_array_software_development_kit_for_openclMatch18.0standard

intelfield_programmable_gate_array_software_development_kit_for_openclMatch18.1pro

intelfield_programmable_gate_array_software_development_kit_for_openclMatch18.1standard

intelfield_programmable_gate_array_software_development_kit_for_openclMatch19.1pro

intelfield_programmable_gate_array_software_development_kit_for_openclMatch19.1standard

intelfield_programmable_gate_array_software_development_kit_for_openclMatch19.2pro

intelfield_programmable_gate_array_software_development_kit_for_openclMatch19.3pro

intelfield_programmable_gate_array_software_development_kit_for_openclMatch19.4pro

VendorProductVersionCPE
intelfield_programmable_gate_array_software_development_kit_for_opencl13.0cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:13.0:-:*:*:pro:*:*:*
intelfield_programmable_gate_array_software_development_kit_for_opencl13.0cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:13.0:-:*:*:standard:*:*:*
intelfield_programmable_gate_array_software_development_kit_for_opencl13.0cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:13.0:sp1:*:*:pro:*:*:*
intelfield_programmable_gate_array_software_development_kit_for_opencl13.0cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:13.0:sp1:*:*:standard:*:*:*
intelfield_programmable_gate_array_software_development_kit_for_opencl13.1cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:13.1:*:*:*:pro:*:*:*
intelfield_programmable_gate_array_software_development_kit_for_opencl13.1cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:13.1:*:*:*:standard:*:*:*
intelfield_programmable_gate_array_software_development_kit_for_opencl14.0cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:14.0:*:*:*:pro:*:*:*
intelfield_programmable_gate_array_software_development_kit_for_opencl14.0cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:14.0:*:*:*:standard:*:*:*
intelfield_programmable_gate_array_software_development_kit_for_opencl14.1cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:14.1:*:*:*:pro:*:*:*
intelfield_programmable_gate_array_software_development_kit_for_opencl14.1cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:14.1:*:*:*:standard:*:*:*

Vendor	Product	Version	CPE
intel	field_programmable_gate_array_software_development_kit_for_opencl	13.0	cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:13.0:-:::pro:::*
intel	field_programmable_gate_array_software_development_kit_for_opencl	13.0	cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:13.0:-:::standard:::*
intel	field_programmable_gate_array_software_development_kit_for_opencl	13.0	cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:13.0:sp1:::pro:::*
intel	field_programmable_gate_array_software_development_kit_for_opencl	13.0	cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:13.0:sp1:::standard:::*
intel	field_programmable_gate_array_software_development_kit_for_opencl	13.1	cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:13.1::::pro:::
intel	field_programmable_gate_array_software_development_kit_for_opencl	13.1	cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:13.1::::standard:::
intel	field_programmable_gate_array_software_development_kit_for_opencl	14.0	cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:14.0::::pro:::
intel	field_programmable_gate_array_software_development_kit_for_opencl	14.0	cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:14.0::::standard:::
intel	field_programmable_gate_array_software_development_kit_for_opencl	14.1	cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:14.1::::pro:::
intel	field_programmable_gate_array_software_development_kit_for_opencl	14.1	cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:14.1::::standard:::

Rows per page:

1-10 of 311

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) FPGA SDK for OpenCL(TM) software technology",
    "versions": [
      {
        "version": "See references",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01104.html

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS4

5.4

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

ACTIVE

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N

AI Score

7.2

Confidence

High

EPSS

Percentile

9.5%

JSON

Related for CVE-2024-23909