CVE-2019-14565

Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access.

Published: Nov 14, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-14565
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-665

Affected Software
References

Software	From	Fixed in
intel / software_guard_extensions_sdk	2.3.100.49777	2.3.100.49777.x
intel / software_guard_extensions_sdk	2.3.101.50222	2.3.101.50222.x
intel / software_guard_extensions_sdk	2.4.100.51291	2.4.100.51291.x
intel / software_guard_extensions_sdk	2.2.100.45311	2.2.100.45311.x
intel / software_guard_extensions_sdk	2.3.100.46354	2.3.100.46354.x
intel / software_guard_extensions_sdk	2.4.100.48163	2.4.100.48163.x
intel / software_guard_extensions_sdk	2.5.100.49891	2.5.100.49891.x
intel / software_guard_extensions_sdk	2.6.100.51363	2.6.100.51363.x

Vulnerability Database

289,782

CVE-2019-14565