Possible Information Disclosure Vulnerability in Intel SGX DCAP Software
CVE-2023-42776

5.5MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Sgx Dcap Software For Windows
Vendor: CVE Published:; 14 February 2024

Summary

An input validation weakness found in earlier versions of Intel SGX DCAP software for Windows may lead to potential information disclosure risks for authenticated users. This vulnerability allows local access to sensitive data, emphasizing the importance of updating to the latest software version to mitigate potential threats. Intel's security advisory provides further insights and recommendations for safeguarding against this issue.

Affected Version(s)

Intel(R) SGX DCAP software for Windows before version 1.19.100.3

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 14, 2024
Vulnerability Reserved
Sep 22, 2023