Jinhua Cui

**Name of the Vulnerable Software and Affected Versions** Intel(R) SGX SDK versions prior to 2.13 for Windows and 2.14 for Linux **Description** The issue is related to improper input validation in Intel(R) SGX SDK applications compiled for SGX2 enabled processors, which may allow a privileged user to potentially escalate privileges via local access. This vulnerability can be exploited to access sensitive information inside protected enclaves and even execute arbitrary code on vulnerable systems. The vulnerability is associated with the Software Guard eXtensions (SGX) technology in Intel processors. **Recommendations** For Intel(R) SGX SDK versions prior to 2.13 for Windows and 2.14 for Linux, update to version 2.13 for Windows or 2.14 for Linux to resolve the issue. As a temporary workaround, consider restricting access to sensitive information inside protected enclaves until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Open Enclave SDK (affected versions not specified) **Description** The issue is related to insecure privilege management. Exploitation of this issue may allow an attacker to bypass security restrictions and elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.