Possible Escalation of Privilege via Local Access in Intel TDX Module Software

CVE-2024-39283

7.8HIGH

Key Information

Vendor
Intel
Status
Intel(r) Tdx Module Software
Vendor
CVE Published:
14 August 2024

Summary

Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_1.5.01.00.592 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected Version(s)

Intel(R) TDX module software = before version TDX_1.5.01.00.592

Refferences

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.