Possible Escalation of Privilege via Local Access in Intel TDX Module Software

CVE-2024-39283

7.8HIGH

Key Information

Vendor: Intel
Status: Intel(r) Tdx Module Software
Vendor: CVE Published:; 14 August 2024

Summary

Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_1.5.01.00.592 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected Version(s)

Intel(R) TDX module software = before version TDX_1.5.01.00.592

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Aug 14, 2024
Vulnerability Reserved.
Jun 25, 2024

Collectors

NVD DatabaseMitre Database