CVE-2022-46487

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Dec 30, 2023
Updated: Jan 5, 2024
CWE ID 665

Summary

CVE-2022-46487 is a vulnerability affecting the __scone_entry component of SCONE before version 5.8.0 for Intel SGX. This issue involves improper initialization of x86 and SSE floating-point configuration registers, which enables a local attacker to manipulate floating-point operations in an enclave. This can lead to compromised execution integrity within the enclave and potential access to sensitive information via side-channel analysis.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share