PT-2021-5090 · Intel · Intel Sgx Sdk

Jinhua Cui +3 · Published 2021-10-12 · Updated 2021-11-23 · CVE-2021-0186

CVSS v2.0

6.9 Medium

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Intel(R) SGX SDK versions prior to 2.13 for Windows and 2.14 for Linux

Description

The issue is related to improper input validation in Intel(R) SGX SDK applications compiled for SGX2 enabled processors, which may allow a privileged user to potentially escalate privileges via local access. This vulnerability can be exploited to access sensitive information inside protected enclaves and even execute arbitrary code on vulnerable systems. The vulnerability is associated with the Software Guard eXtensions (SGX) technology in Intel processors.

Recommendations

For Intel(R) SGX SDK versions prior to 2.13 for Windows and 2.14 for Linux, update to version 2.13 for Windows or 2.14 for Linux to resolve the issue. As a temporary workaround, consider restricting access to sensitive information inside protected enclaves until the update is applied.

Fix

RCE

Weakness Enumeration

Related Identifiers

BDU:2021-05872
CVE-2021-0186

Affected Products

Intel Sgx Sdk