Escalation of Privilege Vulnerability in Intel Xeon Processor Memory Controller
CVE-2024-23918

8.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Xeon(r) Processor Memory Controller Configurations When Using Intel(r) Sgx
Vendor: CVE Published:; 13 November 2024

What is CVE-2024-23918?

A security flaw exists in specific configurations of Intel Xeon processor memory controllers when leveraging Intel Software Guard Extensions (SGX). This vulnerability can allow an unauthorized privileged user, with local access, to exploit the memory controller settings. If exploited, it could result in an elevation of privileges that may compromise system integrity.

Affected Version(s)

Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX See references

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V4

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 13, 2024

JSON