CVE-2024-39283

CWE-7913 documents3 sources
Severity
8.5HIGH
EPSS
0.1%
top 70.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel TDX Module
Timeline
PublishedAug 14

Description

Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_1.5.01.00.592 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N

Affected Packages2 packages

CVEListV5intel(r)_tdx_module_softwarebefore version TDX_1.5.01.00.592
NVDintel/tdx_module< 1.5.01.00.592

🔴Vulnerability Details

2
CVEList
CVE-2024-39283: Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_12024-08-14
GHSA
GHSA-m5c9-vq33-vv2v: Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_12024-08-14
CVE-2024-39283 (HIGH CVSS 8.5) | Incomplete filtering of special ele | cvebase.io