Vulnerability Details : CVE-2023-27391
Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access.
Products affected by CVE-2023-27391
- cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:oneapi_rendering_toolkit:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:oneapi_dpc\+\+\/c\+\+_compiler:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:distribution_for_python_programming_language:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:dpc\+\+_compatibility_tool:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:oneapi_video_processing_library:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:oneapi_threading_building_blocks:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:oneapi_deep_neural_network_library:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:ospray_studio:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:ospray:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:open_volume_kernel_library:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:open_image_denoise:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:advisor_for_oneapi:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:cpu_runtime_for_opencl_applications:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:inspector_for_oneapi:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:ipp_cryptography:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:oneapi_dpc\+\+_library_\(onedpl\):*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:oneapi_toolkit_and_component_software_installer:*:*:*:*:*:*:*:*
- cpe:2.3:a:intel:vtune_profiler_for_oneapi:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-27391
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 7 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-27391
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.7
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
0.8
|
5.9
|
NIST | |
6.7
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
0.8
|
5.9
|
Intel Corporation |
References for CVE-2023-27391
-
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html
Access DeniedVendor Advisory
Jump to