Escalation of Privilege Vulnerability in Intel Xeon Processor Memory Controller
CVE-2024-23918

8.8HIGH

Key Information:

Vendor

Intel
Status
Intel(r) Xeon(r) Processor Memory Controller Configurations When Using Intel(r) Sgx
Vendor
CVE Published:
13 November 2024

What is CVE-2024-23918?

A security flaw exists in specific configurations of Intel Xeon processor memory controllers when leveraging Intel Software Guard Extensions (SGX). This vulnerability can allow an unauthorized privileged user, with local access, to exploit the memory controller settings. If exploited, it could result in an elevation of privileges that may compromise system integrity.

Affected Version(s)

Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX See references

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V4

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

JSON
.
CVE-2024-23918 : Escalation of Privilege Vulnerability in Intel Xeon Processor Memory Controller