Potential Escalation of Privilege Vulnerability in Intel TDX Module Software
CVE-2023-45745

7.9HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Tdx Module Software
Vendor: CVE Published:; 16 May 2024

What is CVE-2023-45745?

A vulnerability exists in certain versions of Intel(R) TDX module software due to improper input validation. This flaw may permit a privileged user with local access to exploit the issue and potentially escalate their privileges. The affected versions include those prior to version 1.5.05.46.698, which users should be aware of to safeguard their systems.

Affected Version(s)

Intel(R) TDX module software before version 1.5.05.46.698

References

https://www.intel.com/content/www/us/en/security-center/a...

https://security.netapp.com/advisory/ntap-20240621-0003/

CVSS V3.1

Score:

7.9

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 16, 2024
Vulnerability Reserved
Nov 27, 2023