Yair Netzer

Researcher fromMicrosoft
#18264of 53,632
14.9Total CVSS
Vulnerabilities · 2
Medium
1
High
1
PT-2023-9799
8.2
2023-11-27
Intel · Intel Tdx Module · CVE-2023-45745
**Name of the Vulnerable Software and Affected Versions** Intel(R) TDX module software versions prior to 1.5.05.46.698 **Description** The issue is related to improper input validation in the Intel(R) TDX module software, which may allow a privileged user to potentially enable escalation of privilege via local access. This could lead to a potential system compromise. **Recommendations** For versions prior to 1.5.05.46.698, upgrade the affected component to mitigate the risk. As a temporary workaround, consider restricting local access to minimize the risk of exploitation.
PT-2023-9798
6.7
2023-11-18
Intel · Intel Tdx · CVE-2023-47855
**Name of the Vulnerable Software and Affected Versions** Intel TDX versions prior to 1.5.05.46.698 **Description** The issue is related to improper input validation in some Intel TDX module software, which may allow a privileged user to potentially enable escalation of privilege via local access. This could permit an attacker to increase their privileges. **Recommendations** For versions prior to 1.5.05.46.698, update to version 1.5.05.46.698 or later to resolve the issue. As a temporary workaround, consider restricting local access to minimize the risk of exploitation.