HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2024-39283

CVSS 8.5v4.0pub. 2024-08-14upd. 2025-09-02

Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_1.5.01.00.592 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Intel Tdx Module

    APP
    Intel
    < 1.5.01.00.592
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2024-21801HIGH8.3ten sam produkt

Insufficient control flow management in some Intel(R) TDX module software before version 1.5.05.46.698 may all...

CVE-2023-45745HIGH7.9ten sam produkt

Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privil...

CVE-2024-33607MEDIUM5.7ten sam produkt

Out-of-bounds read in some Intel(R) TDX module software before version TDX_1.5.07.00.774 may allow an authenti...

CVE-2023-47855MEDIUM6.0ten sam produkt

Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privil...

CVE-2021-45046CRITICAL9.0⚠ KEVten sam vendor

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-defau...