cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-36293,https://securityvulnerability.io/vulnerability/CVE-2024-36293,Improper Access Control Vulnerability in Intel SGX-Enabled Processors,"The vulnerability arises from improper access control in the EDECCSSA user leaf function of certain Intel SGX-enabled processors. This flaw could potentially allow an authenticated user to wreak havoc by enabling a denial of service condition through local access. As a result, systems using these processors may become unresponsive or experience degradation in performance. It's crucial for users to be aware of this vulnerability and to apply any patches or mitigations recommended by Intel to protect their systems.",Intel,Intel(r) Processors With Intel(r) Sgx,6.8,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-12T21:20:12.658Z,0
CVE-2023-43753,https://securityvulnerability.io/vulnerability/CVE-2023-43753,Potential Information Disclosure Vulnerability in Intel Processors with SGX,"An improper conditions check in Intel's Software Guard Extensions (SGX) on certain processors may permit a privileged user to potentially disclose sensitive information through local access. This vulnerability underscores the importance of thorough security measures and monitoring in environments leveraging SGX technology, as it could expose critical data if exploited. For comprehensive information and remediation recommendations, consult Intel's advisory on this matter.",Intel,Intel(r) Processors With Intel(r) Sgx,5.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-16T16:38:46.373Z,0
CVE-2023-22655,https://securityvulnerability.io/vulnerability/CVE-2023-22655,Potential Escalation of Privilege Vulnerability Affecting Intel Processors,"A protection mechanism failure has been identified in certain 3rd and 4th Generation Intel Xeon Processors when utilizing Intel SGX or Intel TDX. This flaw allows users with privileged access to potentially escalate their privileges through local access. As a result, this could lead to unauthorized access to sensitive information or critical resources within an affected system. System administrators and users operating with these processor generations should be vigilant and consider applying updates or mitigations provided by Intel and other affiliated security advisories.",Intel,3rd And 4th Generation Intel(r) Xeon(r) Processors When Using Intel(r) Sgx Or Intel(r) Tdx,6.1,MEDIUM,0.001290000043809414,false,,false,false,false,,,false,false,,2024-03-14T16:45:46.683Z,0
CVE-2023-32666,https://securityvulnerability.io/vulnerability/CVE-2023-32666,Potential Escalation of Privilege via Local Access in Intel(R) SGX or Intel(R) TDX,"The vulnerability allows a privileged user to exploit improper access control in the on-chip debug and test interfaces of specific 4th Generation Intel Xeon Processors. When utilizing Intel Software Guard Extensions (SGX) or Intel Trusted Execution Technology (TDX), this flaw could potentially lead to escalation of privileges through local access. This situation poses a significant security risk, highlighting the importance of monitoring and securing access to sensitive system resources.",Intel,4th Generation Intel(r) Xeon(r) Processors When Using Intel(r) Sgx Or Intel(r) Tdx,7.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-14T16:45:44.785Z,0
CVE-2023-43490,https://securityvulnerability.io/vulnerability/CVE-2023-43490,Potential Information Disclosure Vulnerability in Intel Xeon D Processors with Intel SGX,A vulnerability exists in some Intel Xeon D processors that utilize Intel Software Guard Extensions (SGX) due to an incorrect calculation in the microcode keying mechanism. This flaw may allow a privileged user with local access to enable the disclosure of sensitive information. The potential for exploited access underscores the need for immediate security measures to protect against unauthorized information retrieval. Users of affected processors should refer to Intel's security advisory for detailed guidance on mitigation.,Intel,Intel(r) Xeon(r) D Processors With Intel(r) Sgx,5.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-03-14T16:45:44.079Z,0
CVE-2023-42776,https://securityvulnerability.io/vulnerability/CVE-2023-42776,Possible Information Disclosure Vulnerability in Intel SGX DCAP Software,"An input validation weakness found in earlier versions of Intel SGX DCAP software for Windows may lead to potential information disclosure risks for authenticated users. This vulnerability allows local access to sensitive data, emphasizing the importance of updating to the latest software version to mitigate potential threats. Intel's security advisory provides further insights and recommendations for safeguarding against this issue.",Intel,Intel(r) Sgx Dcap Software For Windows,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-14T13:38:20.289Z,0
CVE-2022-38090,https://securityvulnerability.io/vulnerability/CVE-2022-38090,Improper Isolation Vulnerability in Intel Processors with Software Guard Extensions,"This vulnerability arises from improper isolation of shared resources in certain Intel processors when utilizing Intel Software Guard Extensions (SGX). A privileged user could exploit this flaw to potentially disclose sensitive information through local access, posing privacy risks and security concerns for affected systems. It underscores the necessity for robust security measures to prevent unauthorized access and maintain data integrity.",Intel,Intel(r) Processors With Intel(r) Software Guard Extensions (sgx),4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-02-16T20:00:29.274Z,0
CVE-2022-21163,https://securityvulnerability.io/vulnerability/CVE-2022-21163,Improper Access Control in Crypto API Toolkit for Intel SGX,"An access control issue in the Crypto API Toolkit for Intel SGX versions prior to 2.0 commit ID 91ee496 allows authenticated users to potentially escalate privileges through local access. This vulnerability could permit unauthorized actions, highlighting the importance of implementing strict access controls to protect sensitive functions.",Intel,Crypto Api Toolkit For Intel(r) Sgx,8.4,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-02-16T20:00:23.821Z,0
CVE-2022-33196,https://securityvulnerability.io/vulnerability/CVE-2022-33196,Privilege Escalation Vulnerability in Intel Xeon Processors,"This vulnerability arises from incorrect default permissions in certain memory controller configurations for specific Intel Xeon processors utilizing Intel Software Guard Extensions. A privileged user can potentially leverage local access to escalate their privileges, posing a security risk for affected systems. It is crucial for users of the affected processors to apply the necessary updates and configurations as recommended by Intel to mitigate this risk.",Intel,Intel(r) Xeon(r) Processors With Intelâ® Software Guard Extensions (sgx),7.2,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-02-16T20:00:22.704Z,0
CVE-2022-26841,https://securityvulnerability.io/vulnerability/CVE-2022-26841,Insufficient Control Flow Management in Intel SGX SDK for Linux,"The Intel SGX SDK for Linux prior to version 2.16.100.1 exhibits insufficient control flow management, which may permit an authenticated user to potentially disclose sensitive information through local access. This flaw could lead to unauthorized exposure of data which should remain confidential, emphasizing the importance of updating to the latest version to mitigate such risks. For further details, please visit Intel's advisory.",Intel,Intel(r) Sgx Sdk Software For Linux,2.5,LOW,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-02-16T19:59:52.294Z,0
CVE-2022-26509,https://securityvulnerability.io/vulnerability/CVE-2022-26509,Information Disclosure in Intel SGX SDK Software,"The vulnerability in Intel SGX SDK software arises from inadequate checks on certain conditions, which can be exploited by a privileged user. This exploit may enable unauthorized access to sensitive information through local interactions, posing a risk to data confidentiality.",Intel,Intel(r) Sgx Sdk Software,2.5,LOW,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-02-16T19:59:51.439Z,0
CVE-2022-27499,https://securityvulnerability.io/vulnerability/CVE-2022-27499,Information Disclosure Vulnerability in Intel SGX SDK Software,"An information disclosure vulnerability exists in Intel SGX SDK software due to premature resource release during its expected lifecycle. A privileged user with local access could exploit this flaw to potentially access sensitive information, compromising the integrity of the secure execution environment. Users are urged to apply the latest patches to mitigate the risk of exposure.",Intel,Intel(r) Sgx Sdk Software,4.4,MEDIUM,0.0004400000034365803,false,,false,false,true,2022-01-07T03:45:41.000Z,true,false,false,,2022-11-11T15:48:41.249Z,0
CVE-2022-0005,https://securityvulnerability.io/vulnerability/CVE-2022-0005,Information Disclosure Vulnerability in Intel Processors with SGX,A physical probing of the JTAG interface on specific Intel processors featuring Software Guard Extensions (SGX) could allow an unprivileged user to access sensitive information. This vulnerability highlights the risks associated with physical access to hardware and demonstrates the necessity for enhanced physical security measures to prevent unauthorized disclosure of data.,Intel,Intel(r) Processors With Sgx,2.4,LOW,0.0005799999926239252,false,,false,false,false,,,false,false,,2022-05-12T16:36:04.000Z,0
CVE-2021-33135,https://securityvulnerability.io/vulnerability/CVE-2021-33135,Denial of Service Vulnerability in Intel SGX Drivers,"This vulnerability is rooted in the Linux kernel drivers for Intel SGX, where uncontrolled resource consumption may allow an authenticated user to induce a denial of service condition through local access. This exposure could compromise the stability of systems leveraging Intel SGX technology, making it crucial for users to apply the necessary security patches to mitigate potential impacts.",Intel,Intel(r) Sgx,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-05-12T16:35:46.000Z,0
CVE-2021-0186,https://securityvulnerability.io/vulnerability/CVE-2021-0186,Improper Input Validation in Intel SGX SDK Applications for SGX2 Processors,"Improper input validation in the Intel SGX SDK applications compiled for SGX2 enabled processors can potentially allow a privileged user to escalate privileges via local access. This vulnerability poses a significant risk as it may enable attackers to execute unauthorized actions within sensitive environments, using local access to exploit this flaw.",Intel,Intel(r) Sgx Sdk Applications Compiled For Sgx2 Enabled Processors,6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-11-17T19:45:47.000Z,0
CVE-2021-33097,https://securityvulnerability.io/vulnerability/CVE-2021-33097,Privilege Escalation Vulnerability in Intel SGX Crypto API Toolkit,"A time-of-check time-of-use vulnerability in the Crypto API Toolkit for Intel SGX may allow a privileged user to potentially escalate their privileges through network access. Exploitation of this vulnerability can lead to unauthorized access and manipulation of sensitive data, highlighting critical security concerns for users of the affected toolkit. Intel recommends users review their configurations and apply security updates as necessary.",Intel,Intel(r) Sgx,6.6,MEDIUM,0.0010400000028312206,false,,false,false,false,,,false,false,,2021-11-17T19:02:53.000Z,0
CVE-2020-24452,https://securityvulnerability.io/vulnerability/CVE-2020-24452,Improper Input Validation in Intel SGX Platform Software for Windows,An issue has been identified within the Intel SGX Platform Software for Windows where improper input validation may permit an authenticated user to instigate a denial of service. This vulnerability highlights the importance of robust validation mechanisms within software components to mitigate potential local access threats.,Intel,Intel(r) Sgx Platform Software For Windows*,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-02-17T13:46:59.000Z,0
CVE-2020-24491,https://securityvulnerability.io/vulnerability/CVE-2020-24491,Information Disclosure Vulnerability in Intel 10th Generation Core Processors,"An information disclosure vulnerability exists in certain Intel 10th Generation Core Processors that support Intel Software Guard Extensions (SGX). This vulnerability arises due to debug messages that expose the addresses of memory transactions. A local privileged user could potentially exploit this weakness to gain unauthorized access to sensitive information, thereby increasing the risk of data exposure.",Intel,Intel(r) 10th Generation Core Processors Supporting Sgx,4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-02-17T13:44:03.000Z,0
CVE-2020-8766,https://securityvulnerability.io/vulnerability/CVE-2020-8766,Denial of Service Vulnerability in Intel SGX DCAP Software,A flaw in the Intel SGX DCAP software prior to version 1.6 allows an unauthenticated user to disrupt service availability. This vulnerability arises from improper conditions checks that may enable a denial of service via adjacent access. Organizations using affected versions should consider applying the latest updates to mitigate potential security risks.,Intel,Intel(r) Sgx Dcap Software,6.5,MEDIUM,0.0006200000061653554,false,,false,false,false,,,false,false,,2020-11-12T18:10:07.000Z,0
CVE-2020-0561,https://securityvulnerability.io/vulnerability/CVE-2020-0561,Improper Initialization in Intel SGX SDK Vulnerability Exposes Products to Privilege Escalation,"The Intel SGX SDK prior to version 2.6.100.1 contains a vulnerability due to improper initialization. This issue could inadvertently allow an authenticated user with local access to exploit the system, potentially leading to escalation of privileges. Such vulnerabilities pose a risk to the integrity and confidentiality of data processed within applications using the SDK.",Intel,Intel(r) Sgx Sdk,7.8,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2020-02-13T18:21:11.000Z,0
CVE-2019-0117,https://securityvulnerability.io/vulnerability/CVE-2019-0117,Insufficient Access Control in Protected Memory Subsystem for Intel Processors,"The vulnerability arises from insufficient access control within the protected memory subsystem of Intel's Software Guard Extensions (SGX). This flaw affects a range of Intel Core and Xeon processors, potentially allowing a privileged user to exploit local access and enable unauthorized information disclosure. This poses significant risks to data security in environments utilizing said processors.",Intel,2019.2 Ipu – Intel(r) Sgx With Intel(r) Processor Graphics Update,4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-11-14T19:08:20.000Z,0
CVE-2019-0124,https://securityvulnerability.io/vulnerability/CVE-2019-0124,Insufficient Memory Protection in Intel Core Processors,"A vulnerability exists in Intel 6th Generation Core Processors and newer models, which support Trusted Execution Technology (TXT). This flaw can allow a privileged user with local access to potentially escalate their privileges, compromising system security. Affected users should consider reviewing security practices and updates provided by Intel to mitigate any risks associated with this vulnerability.",Intel,2019.2 Ipu – Intel(r) Sgx And Txt,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-11-14T19:07:54.000Z,0
CVE-2019-0123,https://securityvulnerability.io/vulnerability/CVE-2019-0123,Insufficient Memory Protection in Intel Core Processors Affecting Local Privilege Escalation,"Insufficient memory protection in Intel 6th Generation Core Processors and newer models that support Software Guard Extensions (SGX) may allow a privileged user with local access to enable escalation of privilege. This vulnerability poses a significant risk as it could allow unauthorized access to sensitive data and system control, making it vital for users and organizations to implement recommended security updates and mitigations.",Intel,2019.2 Ipu – Intel(r) Sgx And Txt,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-11-14T19:07:45.000Z,0
CVE-2019-14565,https://securityvulnerability.io/vulnerability/CVE-2019-14565,Insufficient Initialization in Intel SGX SDK for Windows and Linux,"The Intel SGX SDK for Windows and Linux contains a vulnerability due to insufficient initialization in versions 2.4.100.51291 and earlier for Windows, and 2.6.100.51363 and earlier for Linux. This flaw may be exploited by an authenticated user with local access to the system to disclose sensitive information, escalate user privileges, or cause a denial of service. Users and administrators should ensure their systems are updated to mitigate the risk associated with this security issue.",Intel,2019.2 Ipu – Intel(r) Sgx,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-11-14T16:47:32.000Z,0
CVE-2019-14566,https://securityvulnerability.io/vulnerability/CVE-2019-14566,Insufficient Input Validation in Intel SGX SDK for Linux and Windows,"Insufficient input validation in the Intel SGX SDK for Linux and Windows may allow an authenticated user to exploit this vulnerability. By leveraging local access, an attacker could potentially manipulate the input to enable information disclosure or escalate their privileges, which could lead to denial of service. Ensuring proper input validation is essential to mitigate such risks.",Intel,2019.2 Ipu – Intel(r) Sgx,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-11-14T16:46:00.000Z,0