CVE-2023-35121: 
Intel oneAPI DPC++/C++ Compiler vulnerability analysis and mitigation

CVE-2023-35121 is a security vulnerability discovered in Intel(R) oneAPI DPC++/C++ Compiler. The vulnerability affects versions before 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1. This improper access control vulnerability was disclosed and assigned a CVE identifier on February 14, 2024 (NVD, Intel Advisory).

The vulnerability is classified as an improper access control issue (CWE-284). Intel has assigned this vulnerability a CVSS v3.1 base score of 7.8 (HIGH), with the following vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H. This scoring indicates that the vulnerability requires local access, has high attack complexity, requires low privileges, needs no user interaction, has a changed scope, and can result in high impacts to confidentiality, integrity, and availability (NVD).

If exploited, this vulnerability could allow an authenticated user with local access to potentially enable escalation of privilege. The high CVSS score indicates severe potential impacts on system confidentiality, integrity, and availability (Intel Advisory).

Intel has released patches to address this vulnerability. Users should upgrade to Intel(R) oneAPI DPC++/C++ Compiler version 2022.2.1 or later, and ensure their Intel(R) oneAPI Toolkits are updated to version 2022.3.1 or later (Intel Advisory).