Escalation of Privilege Vulnerability in Intel Xeon 6 Processors Using TDX or SGX
CVE-2024-48869

5.6MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Xeon(r) 6 Processor With E-cores When Using Intel(r) Trust Domain Extensions (intel(r) Tdx) Or Intel(r) Software Guard Extensions (intel(r) Sgx)
Vendor: CVE Published:; 13 May 2025

What is CVE-2024-48869?

The vulnerability arises from insufficient restrictions of software interfaces to hardware features in specific Intel Xeon 6 processors that utilize Intel Trust Domain Extensions (TDX) or Intel Software Guard Extensions (SGX). This flaw may allow a privileged user with local access to potentially escalate their privileges, which could lead to unauthorized access and control over system processes. To mitigate this risk, users are advised to keep their systems updated and adhere to security best practices outlined by Intel.

Affected Version(s)

Intel(R) Xeon(R) 6 processor with E-cores when using Intel(R) Trust Domain Extensions (Intel(R) TDX) or Intel(R) Software Guard Extensions (Intel(R) SGX) See references

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

5.6

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2025
Vulnerability Reserved
Oct 9, 2024