Severity
High
Analysis Summary
CVE-2022-26052 CVSS:7.5
Intel oneAPI Toolkits could allow a local authenticated attacker to gain elevated privileges on the system, caused by uncontrolled search path element. By sending a specially-crafted request, an attacker could exploit this vulnerability to escalate privileges.
CVE-2022-26843 CVSS:8.3
Intel oneAPI Toolkits could allow a remote attacker to gain elevated privileges on the system, caused by insufficient visual distinction of homoglyphs presented to user. By sending a specially-crafted request, an attacker could exploit this vulnerability to escalate privileges.
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2022-26052
- CVE-2022-26843
Affected Vendors
Intel
Affected Products
- Intel MPI Library
- Intel oneAPI HPC Toolkit 2021.5
- Intel oneAPI Toolkits 2021.1 Beta 9
- Intel oneAPI DPC++/C++ Compiler 2022.1.0
Remediation
Refer to Intel Security Advisory for patch, upgrade or suggested workaround information.