Potential Information Disclosure Vulnerability in Intel Processors with SGX
CVE-2023-43753

5.3MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Processors With Intel(r) Sgx
Vendor: CVE Published:; 16 September 2024

What is CVE-2023-43753?

An improper conditions check in Intel's Software Guard Extensions (SGX) on certain processors may permit a privileged user to potentially disclose sensitive information through local access. This vulnerability underscores the importance of thorough security measures and monitoring in environments leveraging SGX technology, as it could expose critical data if exploited. For comprehensive information and remediation recommendations, consult Intel's advisory on this matter.

Affected Version(s)

Intel(R) Processors with Intel(R) SGX See references

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2024
Vulnerability Reserved
Oct 25, 2023