Potential Escalation of Privilege via Local Access in Intel(R) SGX or Intel(R) TDX
CVE-2023-32666

7.2HIGH

Key Information:

Summary

The vulnerability allows a privileged user to exploit improper access control in the on-chip debug and test interfaces of specific 4th Generation Intel Xeon Processors. When utilizing Intel Software Guard Extensions (SGX) or Intel Trusted Execution Technology (TDX), this flaw could potentially lead to escalation of privileges through local access. This situation poses a significant security risk, highlighting the importance of monitoring and securing access to sensitive system resources.

Affected Version(s)

4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX

References

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.