Multiple vulnerabilities in Intel SGX



Published: 2019-01-15
Risk Low
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2018-18098
CVE-2018-12155
CWE-ID CWE-20
CWE-200
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe
Intel SGX Platform Software for Linux
Client/Desktop applications / Other client software

Intel SGX Platform Software for Windows
Client/Desktop applications / Other client software

Intel SGX SDK for Linux
Client/Desktop applications / Other client software

Intel SGX SDK for Windows
Client/Desktop applications / Other client software

Vendor Intel

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Privilege escalation

EUVDB-ID: #VU16991

Risk: Low

CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-18098

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local attacker to gain elevated privileges.

The weakness exists due to improper file verification in install routine. A local attacker can supply a specially crafted and gain elevated privileges to conduct further attacks.

Mitigation

Update Intel SGX for Windows to version 2.2.100.
Update Intel SGX for Linux to version 2.4.100.

Vulnerable software versions

Intel SGX Platform Software for Linux: before 2.4.100

Intel SGX Platform Software for Windows: before 2.2.100

Intel SGX SDK for Linux: before 2.4.100

Intel SGX SDK for Windows: before 2.2.100

External links

http://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00203.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Information disclosure

EUVDB-ID: #VU16332

Risk: Low

CVSSv3.1: 4.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-12155

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local attacker to obtain potentially sensitive information.

The vulnerability exists due to data leakage that may occur in certain cryptographic libraries used by the affected software. A local attacker can access sensitive information that can be used to conduct further attacks.

Mitigation

Update Intel SGX for Windows to version 2.2.100.
Update Intel SGX for Linux to version 2.4.100.

Vulnerable software versions

Intel SGX Platform Software for Linux: before 2.4.100

Intel SGX Platform Software for Windows: before 2.2.100

Intel SGX SDK for Linux: before 2.4.100

Intel SGX SDK for Windows: before 2.2.100

External links

http://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00203.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###