Detections
Analytics
Intel oneAPI Math Kernel Library < 2025.2.0 DoS
medium Nessus Plugin ID 277102
Language:
Synopsis
The remote Windows host contains a library that is affected by multiple vulnerabilities.Description
A DoS vulnerability exists in Intel oneAPI Math Kernel Library versions prior to 2025.2. Improper input validation for some Intel(R) oneAPI Math Kernel Library before version 2025.2 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Intel oneAPI Math Kernel Library to 2025.2 or later.See Also
Plugin Details
Severity: Medium
ID: 277102
File Name: intel_oneapi_math_library_2025_2_0.nasl
Version: 1.2
Type: local
Agent: windows
Family: Windows
Published: 12/3/2025
Updated: 2/27/2026
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Medium
Base Score: 6
Temporal Score: 4.4
Vector: CVSS2#AV:L/AC:H/Au:S/C:C/I:C/A:C
CVSS Score Source: CVE-2025-31948
CVSS v3
Risk Factor: Medium
Base Score: 6.7
Temporal Score: 5.8
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CVSS v4
Risk Factor: Medium
Base Score: 4.8
Threat Score: 1.1
Threat Vector: CVSS:4.0/E:U
Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Vulnerability Information
CPE: cpe:/a:intel:oneapi_base_toolkit
Required KB Items: installed_sw/oneAPI Base Toolkit
Exploit Ease: No known exploits are available
Patch Publication Date: 11/11/2025
Vulnerability Publication Date: 11/11/2025
Reference Information
CVE: CVE-2025-31948
IAVA: 2025-A-0862