Improper Access Control Vulnerability in Intel SGX-Enabled Processors
CVE-2024-36293
6.8MEDIUM
Key Information:
- Vendor
- Intel
- Vendor
- CVE Published:
- 12 February 2025
Summary
The vulnerability arises from improper access control in the EDECCSSA user leaf function of certain Intel SGX-enabled processors. This flaw could potentially allow an authenticated user to wreak havoc by enabling a denial of service condition through local access. As a result, systems using these processors may become unresponsive or experience degradation in performance. It's crucial for users to be aware of this vulnerability and to apply any patches or mitigations recommended by Intel to protect their systems.
Affected Version(s)
Intel(R) Processors with Intel(R) SGX See references
References
CVSS V4
Score:
6.8
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved