Lucene search
K

226 matches found

RedHat Linux
RedHat Linux
added 2019/11/12 10:46 p.m.4 views

hw: Intel SGX information leak

A flaw was found in the implementation of SGX around the access control of protected memory. This flaw allows a local attacker of a system with SGX enabled and an affected intel GPU with the ability to execute code to interpret the contents of the SGX protected memory...

4.4CVSS6.5AI score0.00415EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2019/11/12 10:45 p.m.3 views

hw: Intel SGX information leak

A flaw was found in the implementation of SGX around the access control of protected memory. This flaw allows a local attacker of a system with SGX enabled and an affected intel GPU with the ability to execute code to interpret the contents of the SGX protected memory...

4.4CVSS6.5AI score0.00415EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2019/11/12 10:29 p.m.1 views

hw: Intel SGX information leak

A flaw was found in the implementation of SGX around the access control of protected memory. This flaw allows a local attacker of a system with SGX enabled and an affected intel GPU with the ability to execute code to interpret the contents of the SGX protected memory...

4.4CVSS6.5AI score0.00415EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2019/11/12 10:22 p.m.4 views

hw: Intel SGX information leak

A flaw was found in the implementation of SGX around the access control of protected memory. This flaw allows a local attacker of a system with SGX enabled and an affected intel GPU with the ability to execute code to interpret the contents of the SGX protected memory...

4.4CVSS6.5AI score0.00415EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2019/11/12 10:13 p.m.3 views

hw: Intel SGX information leak

A flaw was found in the implementation of SGX around the access control of protected memory. This flaw allows a local attacker of a system with SGX enabled and an affected intel GPU with the ability to execute code to interpret the contents of the SGX protected memory...

4.4CVSS6.5AI score0.00415EPSS
Exploits0References6
CNVD
CNVD
added 2019/06/14 12:0 a.m.4 views

Intel SGX Driver Input Validation Error Vulnerability

Intel SGX driver is a SGX Intel Software Security Extensions driver from Intel USA. An input validation error vulnerability exists in the Intel SGX driver. An attacker could exploit this vulnerability to cause a denial of service...

5.5CVSS6.7AI score0.00388EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/04/12 12:0 a.m.7 views

The vulnerability of Intel Software Guard Extensions SDK, related to reclaimed memory, allows a hacker to disclose protected information or cause service failures.

The vulnerability of Intel Software Guard Extensions SDK relates to the reallocation of memory. Exploiting this vulnerability can allow attackers to disclose sensitive information or cause service failures...

5.3CVSS7AI score0.00348EPSS
Exploits0References3
Malwarebytes
Malwarebytes
added 2019/02/18 4:30 p.m.64 views

A week in security (February 11 – 17)

Last week on Malwarebytes Labs we discussed the return of the Sextortion Bitcoin scams, we gave you an early overview of the exploit kits in the winter of 2019, we talked about the destruction of VFEmail service, for consumers we discussed whether you should remove yourself from social media, for...

0.1AI score
Exploits0
The Hacker News
The Hacker News
added 2019/02/13 9:57 a.m.1 views

Researchers Implant "Protected" Malware On Intel SGX Enclaves

Cybersecurity researchers have discovered a way to hide malicious code in Intel SGX enclaves, a hardware-based memory encryption feature in modern processors that isolates sensitive code and data to protect it from disclosure or modification. In other words, the technique allows attackers to...

7.3AI score
Exploits0
CNVD
CNVD
added 2019/01/14 12:0 a.m.6 views

Intel SGX SDK and SGX Platform Software Elevation of Privilege Vulnerability

Intel SGX SDK and SGX Platform Software are both products of Intel Corporation, Intel SGX SDK is a software development kit based on SGX Intel Software Security Extensions technology, and SGX Platform Software is a software protection extension platform. A security vulnerability exists in Intel S...

7.3CVSS6.8AI score0.00278EPSS
Exploits2References1
CNVD
CNVD
added 2018/08/16 12:0 a.m.2 views

Intel CPU Foreshadow Vulnerability

L1 terminal failure SGX vulnerability mainly exists in the models of CPUs that support Intel SGX Software Protection Extension technology, the vulnerability is named: Foreshadow Foreshadow, the use of speculation to perform a side-channel attack, with local user access rights, an attacker can...

6.4CVSS6.4AI score0.06301EPSS
Exploits0References1
CNVD
CNVD
added 2018/08/16 12:0 a.m.3 views

Intel CPU Foreshadow-NG (foreshadow next-generation version) Vulnerability

The L1 Terminal Malfunction OS/SMM vulnerability is different for Intel CPUs with SGX Software Protection Extensions technology, and may also affect CPUs from other vendors. With the speculative execution of a side-channel attack, an attacker with local user access could achieve an unauthorized...

5.6CVSS6.4AI score0.05577EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2018/08/16 12:0 a.m.8 views

The vulnerability of the Software Guard eXtensions processor technology allows unauthorized access to data stored in a secure zone.

The vulnerability of the Software Guard eXtensions SGX processor implementation relates to the possibility of speculative execution of instructions. Exploiting this vulnerability can allow an attacker to gain unauthorized access to data protected by SGX, by executing attacks through peripheral...

7.9CVSS7AI score0.06301EPSS
Exploits0References10Affected Software26
SonicWall
SonicWall
added 2018/08/15 4:0 p.m.12 views

Foreshadow- L1 Terminal Fault: SGX

Systems with microprocessors utilizing speculative execution and Intel® software guard extensions Intel® SGX may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis. CVE: CVE-2018-3615 Last...

7.9CVSS6.1AI score0.06301EPSS
Exploits0
The Hacker News
The Hacker News
added 2018/08/15 7:40 a.m.4 views

Foreshadow Attacks — 3 New Intel CPU Side-Channel Flaws Discovered

2018 has been quite a tough year for Intel. While the chip-maker giant is still dealing with Meltdown and Spectre processor vulnerabilities, yet another major speculative execution flaw has been revealed in Intel's Core and Xeon lines of processors that may leave users vulnerable to cyber-attacks...

6.4CVSS8.7AI score0.08101EPSS
Exploits0
OSV
OSV
added 2018/08/14 7:29 p.m.10 views

CVE-2018-3615

Systems with microprocessors utilizing speculative execution and Intel software guard extensions Intel SGX may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis...

6.4CVSS6.2AI score
Exploits0References19
Prion
Prion
added 2018/04/03 4:29 p.m.11 views

Design/Logic Flaw

AESM daemon in Intel Software Guard Extensions Platform Software Component for Linux before 2.1.102 can effectively be disabled by a local attacker creating a denial of services like remote attestation provided by the AESM...

2.1CVSS5.5AI score0.00241EPSS
Exploits0References1
CVE
CVE
added 2018/04/03 4:0 p.m.41 views

CVE-2018-3689

The CVE affects the AESM daemon in the Intel SGX Platform Software Component for Linux prior to version 2.1.102. A local attacker can disable AESM, causing a denial of service to remote attestation. The NVD CVSSv3.1 vector indicates LOCAL access, low attack complexity, privileges required: LOW, w...

5.5CVSS5.5AI score0.00241EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2018/03/23 12:0 a.m.3 views

Intel Software Guard Extension Local Elevation of Privilege Vulnerability

Intel Software Guard Extensions Platform Software Component is a set of software components for the Software Guard Extensions Platform from Intel Corporation. A local elevation of privilege vulnerability exists in Intel Software Guard Extensions. A local attacker could exploit this vulnerability ...

8.8CVSS7.7AI score0.00347EPSS
Exploits0References1
NVD
NVD
added 2018/03/20 8:29 p.m.29 views

CVE-2017-5736

An elevation of privilege in Intel Software Guard Extensions Platform Software Component before 1.9.105.42329 allows a local attacker to execute arbitrary code as administrator...

8.8CVSS8.7AI score0.00347EPSS
Exploits0References2
Rows per page
Query Builder