TDX Module
by Intel
CVEs (11)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-31944 | Med | 0.34 | 5.3 | 0.00 | Feb 10, 2026 | Race condition for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow a denial of service. Authorized adversary with a privileged user combined with a high complexity attack may enable denial of service. This result may potentially occur via local access… | ||
| CVE-2025-22885 | Med | 0.31 | 4.7 | 0.00 | Feb 10, 2026 | Improper buffer restrictions in the firmware for the TDX Module may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access… | ||
| CVE-2025-32467 | Med | 0.27 | 4.1 | 0.00 | Feb 10, 2026 | Use of uninitialized variable for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur… | ||
| CVE-2025-27940 | Med | 0.27 | 4.1 | 0.00 | Feb 10, 2026 | Out-of-bounds read for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Software side channel adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur… | ||
| CVE-2025-20044 | Med | 0.27 | 4.1 | 0.00 | Aug 12, 2025 | Improper locking for some Intel(R) TDX Module firmware before version 1.5.13 may allow a privileged user to potentially enable escalation of privilege via local access. | ||
| CVE-2024-27457 | Low | 0.16 | 2.5 | 0.00 | Oct 8, 2024 | Improper check for unusual or exceptional conditions in Intel(R) TDX Module firmware before version 1.5.06 may allow a privileged user to potentially enable information disclosure via local access. | ||
| CVE-2024-33607 | 0.00 | — | 0.00 | Aug 12, 2025 | Out-of-bounds read in some Intel(R) TDX module software before version TDX_1.5.07.00.774 may allow an authenticated user to potentially enable information disclosure via local access. | |||
| CVE-2024-39283 | 0.00 | — | 0.00 | Aug 14, 2024 | Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_1.5.01.00.592 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||
| CVE-2024-21801 | 0.00 | — | 0.00 | Aug 14, 2024 | Insufficient control flow management in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable denial of service via local access. | |||
| CVE-2023-47855 | 0.00 | — | 0.00 | May 16, 2024 | Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access. | |||
| CVE-2023-45745 | 0.00 | — | 0.00 | May 16, 2024 | Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access. |
- risk 0.34cvss 5.3epss 0.00
Race condition for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow a denial of service. Authorized adversary with a privileged user combined with a high complexity attack may enable denial of service. This result may potentially occur via local access…
- risk 0.31cvss 4.7epss 0.00
Improper buffer restrictions in the firmware for the TDX Module may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access…
- risk 0.27cvss 4.1epss 0.00
Use of uninitialized variable for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur…
- risk 0.27cvss 4.1epss 0.00
Out-of-bounds read for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Software side channel adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur…
- risk 0.27cvss 4.1epss 0.00
Improper locking for some Intel(R) TDX Module firmware before version 1.5.13 may allow a privileged user to potentially enable escalation of privilege via local access.
- risk 0.16cvss 2.5epss 0.00
Improper check for unusual or exceptional conditions in Intel(R) TDX Module firmware before version 1.5.06 may allow a privileged user to potentially enable information disclosure via local access.
- CVE-2024-33607Aug 12, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read in some Intel(R) TDX module software before version TDX_1.5.07.00.774 may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2024-39283Aug 14, 2024risk 0.00cvss —epss 0.00
Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_1.5.01.00.592 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2024-21801Aug 14, 2024risk 0.00cvss —epss 0.00
Insufficient control flow management in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable denial of service via local access.
- CVE-2023-47855May 16, 2024risk 0.00cvss —epss 0.00
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2023-45745May 16, 2024risk 0.00cvss —epss 0.00
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.