Description
Improper Access Control in subsystem for Intel(R) TXE versions before 3.175 and 4.0.25 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html
Vendor Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20200611-0005/
Various Sources x_refsource_misc
https://support.lenovo.com/de/en/product_security/len-30041
Scores
CVSS v3
6.8
EPSS
0.0022
EPSS Percentile
45.1%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (1)
intel/trusted_execution_engine_firmware
3.0 - 3.1.70
Published
Jun 15, 2020
Tracked Since
Feb 18, 2026