CVE-2025-32038
BaseFortify
Publication date: 2025-11-11
Last updated on: 2025-11-11
Assigner: Intel Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| intel | oneapi_dpc++compiler | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-427 | The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves an uncontrolled search path in the FPGA Support Package for the Intel oneAPI DPC++C++ Compiler software before version 2025.0.1. It occurs within Ring 3 (user applications) and may allow an escalation of privilege. An unprivileged, authenticated user could exploit this vulnerability through a complex attack requiring local access and active user interaction, potentially leading to higher privileges on the system.
How can this vulnerability impact me? :
The vulnerability can impact the confidentiality, integrity, and availability of the vulnerable system at a high level. This means an attacker could potentially gain unauthorized access, alter data, or disrupt system operations by escalating their privileges.