CVE-2022-46487
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Dec 30, 2023
Updated: Jan 5, 2024
CWE ID 665
Summary
CVE-2022-46487 is a vulnerability affecting the __scone_entry component of SCONE before version 5.8.0 for Intel SGX. This issue involves improper initialization of x86 and SSE floating-point configuration registers, which enables a local attacker to manipulate floating-point operations in an enclave. This can lead to compromised execution integrity within the enclave and potential access to sensitive information via side-channel analysis.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share