226 matches found
hw: Intel SGX information leak
A flaw was found in the implementation of SGX around the access control of protected memory. This flaw allows a local attacker of a system with SGX enabled and an affected intel GPU with the ability to execute code to interpret the contents of the SGX protected memory...
hw: Intel SGX information leak
A flaw was found in the implementation of SGX around the access control of protected memory. This flaw allows a local attacker of a system with SGX enabled and an affected intel GPU with the ability to execute code to interpret the contents of the SGX protected memory...
hw: Intel SGX information leak
A flaw was found in the implementation of SGX around the access control of protected memory. This flaw allows a local attacker of a system with SGX enabled and an affected intel GPU with the ability to execute code to interpret the contents of the SGX protected memory...
hw: Intel SGX information leak
A flaw was found in the implementation of SGX around the access control of protected memory. This flaw allows a local attacker of a system with SGX enabled and an affected intel GPU with the ability to execute code to interpret the contents of the SGX protected memory...
hw: Intel SGX information leak
A flaw was found in the implementation of SGX around the access control of protected memory. This flaw allows a local attacker of a system with SGX enabled and an affected intel GPU with the ability to execute code to interpret the contents of the SGX protected memory...
Intel SGX Driver Input Validation Error Vulnerability
Intel SGX driver is a SGX Intel Software Security Extensions driver from Intel USA. An input validation error vulnerability exists in the Intel SGX driver. An attacker could exploit this vulnerability to cause a denial of service...
The vulnerability of Intel Software Guard Extensions SDK, related to reclaimed memory, allows a hacker to disclose protected information or cause service failures.
The vulnerability of Intel Software Guard Extensions SDK relates to the reallocation of memory. Exploiting this vulnerability can allow attackers to disclose sensitive information or cause service failures...
A week in security (February 11 – 17)
Last week on Malwarebytes Labs we discussed the return of the Sextortion Bitcoin scams, we gave you an early overview of the exploit kits in the winter of 2019, we talked about the destruction of VFEmail service, for consumers we discussed whether you should remove yourself from social media, for...
Researchers Implant "Protected" Malware On Intel SGX Enclaves
Cybersecurity researchers have discovered a way to hide malicious code in Intel SGX enclaves, a hardware-based memory encryption feature in modern processors that isolates sensitive code and data to protect it from disclosure or modification. In other words, the technique allows attackers to...
Intel SGX SDK and SGX Platform Software Elevation of Privilege Vulnerability
Intel SGX SDK and SGX Platform Software are both products of Intel Corporation, Intel SGX SDK is a software development kit based on SGX Intel Software Security Extensions technology, and SGX Platform Software is a software protection extension platform. A security vulnerability exists in Intel S...
Intel CPU Foreshadow Vulnerability
L1 terminal failure SGX vulnerability mainly exists in the models of CPUs that support Intel SGX Software Protection Extension technology, the vulnerability is named: Foreshadow Foreshadow, the use of speculation to perform a side-channel attack, with local user access rights, an attacker can...
Intel CPU Foreshadow-NG (foreshadow next-generation version) Vulnerability
The L1 Terminal Malfunction OS/SMM vulnerability is different for Intel CPUs with SGX Software Protection Extensions technology, and may also affect CPUs from other vendors. With the speculative execution of a side-channel attack, an attacker with local user access could achieve an unauthorized...
The vulnerability of the Software Guard eXtensions processor technology allows unauthorized access to data stored in a secure zone.
The vulnerability of the Software Guard eXtensions SGX processor implementation relates to the possibility of speculative execution of instructions. Exploiting this vulnerability can allow an attacker to gain unauthorized access to data protected by SGX, by executing attacks through peripheral...
Foreshadow- L1 Terminal Fault: SGX
Systems with microprocessors utilizing speculative execution and Intel® software guard extensions Intel® SGX may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis. CVE: CVE-2018-3615 Last...
Foreshadow Attacks — 3 New Intel CPU Side-Channel Flaws Discovered
2018 has been quite a tough year for Intel. While the chip-maker giant is still dealing with Meltdown and Spectre processor vulnerabilities, yet another major speculative execution flaw has been revealed in Intel's Core and Xeon lines of processors that may leave users vulnerable to cyber-attacks...
CVE-2018-3615
Systems with microprocessors utilizing speculative execution and Intel software guard extensions Intel SGX may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis...
Design/Logic Flaw
AESM daemon in Intel Software Guard Extensions Platform Software Component for Linux before 2.1.102 can effectively be disabled by a local attacker creating a denial of services like remote attestation provided by the AESM...
CVE-2018-3689
The CVE affects the AESM daemon in the Intel SGX Platform Software Component for Linux prior to version 2.1.102. A local attacker can disable AESM, causing a denial of service to remote attestation. The NVD CVSSv3.1 vector indicates LOCAL access, low attack complexity, privileges required: LOW, w...
Intel Software Guard Extension Local Elevation of Privilege Vulnerability
Intel Software Guard Extensions Platform Software Component is a set of software components for the Software Guard Extensions Platform from Intel Corporation. A local elevation of privilege vulnerability exists in Intel Software Guard Extensions. A local attacker could exploit this vulnerability ...
CVE-2017-5736
An elevation of privilege in Intel Software Guard Extensions Platform Software Component before 1.9.105.42329 allows a local attacker to execute arbitrary code as administrator...