CVE-2023-43753Medium
Share link
Anyone with the link can open this vulnerability.
Improper conditions check in some Intel(R) Processors with Intel(R) SGX may allow a privileged user to potentially enable information discl…
CVSS
6.8
Medium
EPSS
0.00
p4
Published
2023-01-01
Updated
2023-01-01
Description
Improper conditions check in some Intel(R) Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access.
Tags · CWE
CWE-92
CWE-92BaseDeprecated
DEPRECATED: Improper Sanitization of Custom Special Characters
This entry has been deprecated. It originally came from PLOVER, which sometimes defined "other" and "miscellaneous" categories in order to satisfy exhaustiveness requirements for taxonomies. Within the context of CWE, the use of a more abstract entry is preferred in mapping situations. CWE-75 is a more appropriate mapping.
https://cwe.mitre.org/data/definitions/92.html →Open in CWE collection →CVSS vector
CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Timeline
2023-01-01
Published
2023-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: L
Local (L)
Attack Complexity
AC: H
High (H)
Attack Requirements
AT: N
None
Privileges Required
PR: H
High (H)
User Interaction
UI: N
None (N)
Vulnerable System Confidentiality
VC: H
High (H)
Vulnerable System Integrity
VI: N
None (N)
Vulnerable System Availability
VA: N
None (N)
Subsequent System Confidentiality
SC: H
High (H)
Subsequent System Integrity
SI: N
None (N)
Subsequent System Availability
SA: N
None (N)
Exploit Code Maturity
E: X
Not Defined
Confidentiality Requirement
CR: X
Not Defined
Integrity Requirement
IR: X
Not Defined
Availability Requirement
AR: X
Not Defined
Modified Attack Vector
MAV: X
Not Defined
Modified Attack Complexity
MAC: X
Not Defined
Modified Attack Requirements
MAT: X
Not Defined
Modified Privileges Required
MPR: X
Not Defined
Modified User Interaction
MUI: X
Not Defined
Modified Vulnerable System Confidentiality
MVC: X
Not Defined
Modified Vulnerable System Integrity
MVI: X
Not Defined
Modified Vulnerable System Availability
MVA: X
Not Defined
Modified Subsequent System Confidentiality
MSC: X
Not Defined
Modified Subsequent System Integrity
MSI: X
Not Defined
Modified Subsequent System Availability
MSA: X
Not Defined
s
S: X
X
au
AU: X
X
r
R: X
X
v
V: X
X
re
RE: X
X
u
U: X
X
Exploit indicators
EPSS
0.002 · p4
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
No vulnerabilities match your filters.
Related vulnerabilities