Strix
26.1K

CVE-2020-24491

MEDIUMCVSS 4.4/10EPSS 0.27%

Last modified

CVE-2020-24491 is a medium-severity vulnerability rated 4.4/10 on the CVSS scale. Debug message containing addresses of memory transactions in some Intel(R) 10th Generation Core Processors supporting SGX may allow a privileged user to potentially enable information disclosure via local access.. EPSS estimates a 0.27% chance of exploitation in the next 30 days.

Description

Debug message containing addresses of memory transactions in some Intel(R) 10th Generation Core Processors supporting SGX may allow a privileged user to potentially enable information disclosure via local access.

Metrics

CVSS 3.1
4.4/10

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

EPSS Probability
0.27%

18.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
IntelCore I31000g1
IntelCore I31000g4
IntelCore I31005g1
IntelCore I51030g4
IntelCore I51030g7
IntelCore I51035g1
IntelCore I51035g4
IntelCore I51035g7
IntelCore I71060g7
IntelCore I71065g7

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2020-24491?
Debug message containing addresses of memory transactions in some Intel(R) 10th Generation Core Processors supporting SGX may allow a privileged user to potentially enable information disclosure via local access.
How severe is CVE-2020-24491?
CVE-2020-24491 has a CVSS score of 4.4/10 (MEDIUM severity). The EPSS model estimates a 0.27% probability of exploitation in the next 30 days.
How do I fix CVE-2020-24491?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-24491?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST