Information Disclosure Vulnerability in Intel Processors with SGX
CVE-2022-0005

2.4LOW

Key Information:

Vendor: Intel
Status: Intel(r) Processors With Sgx
Vendor: CVE Published:; 12 May 2022

What is CVE-2022-0005?

A physical probing of the JTAG interface on specific Intel processors featuring Software Guard Extensions (SGX) could allow an unprivileged user to access sensitive information. This vulnerability highlights the risks associated with physical access to hardware and demonstrates the necessity for enhanced physical security measures to prevent unauthorized disclosure of data.

Affected Version(s)

Intel(R) Processors with SGX See references

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

CVSS V3.1

Score:

2.4

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2022
Vulnerability Reserved
Oct 15, 2021