Wiz
Vulnerability DatabaseCVE-2022-26843

CVE-2022-26843
Intel oneAPI DPC++/C++ Compiler vulnerability analysis and mitigation

Overview

CVE-2022-26843 is a security vulnerability affecting Intel oneAPI DPC++/C++ Compiler versions before 2022.1 for Intel oneAPI Toolkits. The vulnerability is characterized by insufficient visual distinction of homoglyphs presented to users (NVD, Intel Advisory).

Technical details

The vulnerability stems from insufficient visual distinction of homoglyphs (characters that look similar but have different meanings) in the Intel oneAPI DPC++/C++ Compiler. This issue affects versions prior to 2022.1 (Intel Advisory).

Impact

The vulnerability could potentially lead to confusion or misinterpretation of code elements due to the insufficient visual distinction between similar-looking characters, which might result in security implications during code review or development (NVD).

Mitigation and workarounds

Users should upgrade to Intel oneAPI DPC++/C++ Compiler version 2022.1 or later to address this vulnerability (Intel Advisory).

Additional resources

SourceThis report was generated using AI

Related Intel oneAPI DPC++/C++ Compiler vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2023-35121HIGH7.8
  • Intel oneAPI DPC++/C++ CompilerIntel oneAPI DPC++/C++ Compiler
    		NoYesFeb 14, 2024
    CVE-2023-28823HIGH7.3
    • HomebrewHomebrew
    • ospray
    		NoYesAug 11, 2023
    CVE-2023-27391MEDIUM6.7
    • HomebrewHomebrew
    • ospray
    		NoYesAug 11, 2023
    CVE-2024-34165MEDIUM5.4
    • Intel oneAPI DPC++/C++ CompilerIntel oneAPI DPC++/C++ Compiler
    • cpe:2.3:a:intel:oneapi_dpc\+\+\/c\+\+_compiler
    		NoYesNov 13, 2024
    CVE-2024-23907MEDIUM5.4
    • Intel oneAPI DPC++/C++ CompilerIntel oneAPI DPC++/C++ Compiler
    • cpe:2.3:a:intel:oneapi_dpc\+\+\/c\+\+_compiler
    		NoYesAug 14, 2024

    Free Vulnerability Assessment

    Benchmark your Cloud Security Posture

    Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

    Request assessment

    Additional Wiz resources

    Cloud Vulnerability DB

    Cloud Vulnerability DB

    A community-led vulnerabilities database

    Cloud Threat Landscape

    Cloud Threat Landscape

    A threat intelligence database

    PEACH

    PEACH

    A tenant isolation framework

    Get a personalized demo

    Ready to see Wiz in action?

    "Best User Experience I have ever seen, provides full visibility to cloud workloads."
    David EstlickCISO
    "Wiz provides a single pane of glass to see what is going on in our cloud environments."
    Adam FletcherChief Security Officer
    "We know that if Wiz identifies something as critical, it actually is."
    Greg PoniatowskiHead of Threat and Vulnerability Management
    Get a demo