CVE-2023-29162 : Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 20

Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.

Published 2024-02-14 14:15:50

Updated 2025-03-20 15:15:40

Source Intel Corporation

View at NVD, CVE.org

Products affected by CVE-2023-29162

Please log in to view affected product information.

Exploit prediction scoring system (EPSS) score for CVE-2023-29162

EPSS FAQ

0.04%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 7 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-29162

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.0	MEDIUM	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L	0.5	5.5	Intel Corporation	2024-03-28
Attack Vector: Local Attack Complexity: High Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: Low

CWE ids for CVE-2023-29162

CWE-276 Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

Assigned by: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

References for CVE-2023-29162

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html

INTEL-SA-00988

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2023-29162

Products affected by CVE-2023-29162

Exploit prediction scoring system (EPSS) score for CVE-2023-29162

CVSS scores for CVE-2023-29162

CWE ids for CVE-2023-29162

References for CVE-2023-29162