CVE-2023-28823
Description
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Uncontrolled search path in Intel oneAPI Toolkit installers before 4.3.1.493 allows authenticated local users to escalate privilege.
Vulnerability
An uncontrolled search path vulnerability exists in Intel(R) oneAPI Toolkit and component software installers prior to version 4.3.1.493. The installer searches for and loads additional components or binaries (e.g., DLLs) from untrusted or user-writable directories, enabling an attacker to control the loaded files [1].
Exploitation
To exploit this vulnerability, an attacker must have local access to the system and be authenticated as a user with the ability to write to a directory that appears in the installer's search path. The attacker places a malicious file (e.g., a renamed DLL) in that directory, and when the installer is executed (e.g., during installation or update of oneAPI components), the installer loads the attacker's file instead of the legitimate one [1].
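An added example (not from Intel or from this page) of a defender's check for the precondition described above: it reports directories in a search path where the current account can create files, including missing entries whose nearest existing parent is writable. The function names are hypothetical, and the candidate list (the installer's folder followed by `PATH` entries) is an assumption, since the page does not say which directories the installer searches.

```python
import os
import tempfile

def can_create_file(directory):
    """Probe effective write access by creating a temp file that is removed on close."""
    try:
        with tempfile.TemporaryFile(dir=directory):
            return True
    except OSError:
        return False

def nearest_existing_parent(path):
    """Walk upwards until a directory that exists is found."""
    path = os.path.abspath(path)
    while not os.path.isdir(path):
        parent = os.path.dirname(path)
        if parent == path:
            break
        path = parent
    return path

def audit_search_path(dirs):
    """Return (directory, finding) pairs for entries the current user could populate."""
    findings, seen = [], set()
    for raw in dirs:
        if not raw:
            continue  # skip empty entries
        d = os.path.normcase(os.path.abspath(raw))
        if d in seen:
            continue
        seen.add(d)
        if os.path.isdir(d):
            if can_create_file(d):
                findings.append((d, "writable"))
        elif can_create_file(nearest_existing_parent(d)):
            # The entry does not exist, but this user could create it.
            findings.append((d, "missing, parent writable"))
    return findings

def candidate_dirs(installer_dir, path_env=None):
    """Assumed search locations: the installer's folder, then PATH entries."""
    if path_env is None:
        path_env = os.environ.get("PATH", "")
    return [installer_dir] + path_env.split(os.pathsep)

if __name__ == "__main__":
    # Run as the unprivileged account being assessed; os.getcwd() stands in
    # for the folder the installer is launched from (placeholder).
    for d, finding in audit_search_path(candidate_dirs(os.getcwd())):
        print(f"{finding}: {d}")
```

Run it as a standard user rather than an administrator, since the probe measures what the current account can write; any directory it reports is a candidate for tighter ACLs or removal from the search path.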
Impact
Successful exploitation allows the attacker to execute arbitrary code in the context of the installer process, which typically runs with elevated privileges. This can lead to escalation of privilege, enabling the attacker to gain higher system permissions than their original user account [1].
Mitigation
Intel has released version 4.3.1.493 of the oneAPI Toolkit and component software installers, which addresses the vulnerability. Users should update to this or a later version as soon as possible. No workarounds have been provided [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Intel/oneAPI Toolkit and component software installers
- Range: <4.3.1.493
Patches
No patches discovered yet.
References