Intel oneAPI DPC++/C++ Compiler FPGA Support Package Privilege Escalation Vulnerability

A privilege escalation vulnerability has been identified in the FPGA Support Package for the Intel oneAPI DPC++/C++ Compiler, prior to version 2025.0.1. This vulnerability arises from an uncontrolled search path, which may allow an unprivileged software adversary with authenticated user status to escalate privileges. The attack, characterized by high complexity, could potentially be executed through local access, requiring active user interaction and without special internal knowledge.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing an attacker to gain elevated rights or access within the system.

Remediation

Intel has issued a Product Discontinuation Notice for the FPGA Support Package for the Intel oneAPI DPC++/C++ Compiler. Users are advised to uninstall or discontinue use of this package as soon as possible.