CVE-2024-47795 is a vulnerability identified in Intel oneAPI DPC++/C++ Compiler software versions before 2025.0.0. The issue stems from an uncontrolled search path, meaning the software improperly handles the directories it searches for dependencies or components during execution. This flaw can be leveraged by an authenticated user with local access to the system to escalate their privileges, potentially gaining higher-level permissions than initially granted. The vulnerability requires the attacker to have at least low privileges and user interaction, and the attack complexity is high, indicating that exploitation is not straightforward. The vulnerability impacts confidentiality, integrity, and availability, as an attacker with escalated privileges could access sensitive data, modify system or application files, or disrupt normal operations. The vulnerability does not require network access and is not known to be exploited in the wild as of the published date. The CVSS 4.0 vector indicates local attack vector (AV:L), high attack complexity (AC:H), privileges required are low (PR:L), and user interaction is required (UI:A). The vulnerability affects development environments using Intel's oneAPI DPC++/C++ Compiler, which is widely used in high-performance computing, AI, and other compute-intensive applications. The issue is resolved in version 2025.0.0 of the compiler software.

The primary impact of CVE-2024-47795 is the potential for privilege escalation by an authenticated local user. This can lead to unauthorized access to sensitive information, modification or deletion of critical files, and disruption of development or production environments. Organizations relying on Intel oneAPI compilers for software development, especially in sectors such as semiconductor manufacturing, AI research, and high-performance computing, may face increased risk of insider threats or compromised developer workstations. The vulnerability could also be leveraged as a stepping stone for further attacks within a network if an attacker gains elevated privileges on a developer machine. Although exploitation complexity is high and requires local access, the consequences of successful exploitation can be severe, affecting confidentiality, integrity, and availability of systems and data. The lack of known exploits in the wild reduces immediate risk but does not eliminate the need for prompt remediation.

To mitigate CVE-2024-47795, organizations should prioritize upgrading Intel oneAPI DPC++/C++ Compiler software to version 2025.0.0 or later, where the vulnerability is addressed. Until patching is possible, restrict local access to systems running the affected compiler software to trusted users only, and enforce strict access controls and monitoring of developer workstations. Implement application whitelisting and integrity verification to detect unauthorized modifications or execution of malicious code. Educate developers and system administrators about the risks of privilege escalation and the importance of minimizing user privileges. Regularly audit local user accounts and remove unnecessary privileges. Employ endpoint detection and response (EDR) solutions to identify suspicious local activities indicative of privilege escalation attempts. Additionally, review and harden the search paths and environment variables used by development tools to prevent exploitation of uncontrolled search path vulnerabilities.