SGX
by Intel
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-3615 | Hig | 0.48 | 7.3 | 0.06 | Aug 14, 2018 | Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis. | ||
| CVE-2022-41804 | 0.00 | — | 0.00 | Aug 11, 2023 | Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | |||
| CVE-2019-0117 | 0.00 | — | 0.00 | Nov 14, 2019 | Insufficient access control in protected memory subsystem for Intel(R) SGX for 6th, 7th, 8th, 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5, v6 Families; Intel(R) Xeon(R) E-2100 & E-2200 Processor Families with Intel(R) Processor… | |||
| CVE-2019-14565 | 0.00 | — | 0.00 | Nov 14, 2019 | Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access. | |||
| CVE-2019-14566 | 0.00 | — | 0.00 | Nov 14, 2019 | Insufficient input validation in Intel(R) SGX SDK multiple Linux and Windows versions may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access. |
- risk 0.48cvss 7.3epss 0.06
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.
- CVE-2022-41804Aug 11, 2023risk 0.00cvss —epss 0.00
Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2019-0117Nov 14, 2019risk 0.00cvss —epss 0.00
Insufficient access control in protected memory subsystem for Intel(R) SGX for 6th, 7th, 8th, 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5, v6 Families; Intel(R) Xeon(R) E-2100 & E-2200 Processor Families with Intel(R) Processor…
- CVE-2019-14565Nov 14, 2019risk 0.00cvss —epss 0.00
Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access.
- CVE-2019-14566Nov 14, 2019risk 0.00cvss —epss 0.00
Insufficient input validation in Intel(R) SGX SDK multiple Linux and Windows versions may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access.