CVE-2022-26509

CWE-755 — Improper Exception Handling3 documents3 sources

Severity

5.5MEDIUM

EPSS

0.1%

top 83.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel SGX SDK

Timeline

PublishedFeb 16

Description

Improper conditions check in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:NExploitability: 0.8 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5intel(r)_sgx_sdk_softwareSee references

▶NVDintel/sgx_sdk< 2.16.100.1+1

🔴Vulnerability Details

GHSA

GHSA-9ppj-rc3q-j6g2: Improper conditions check in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access↗2023-02-16

▶

CVEList

CVE-2022-26509: Improper conditions check in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access↗2023-02-16

▶