7.2

CVE-2009-4419

EPSS 0.06%
Veröffentlicht 24.12.2009 17:30:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Intel Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets in the SINIT Authenticated Code Module (ACM), which allows local users to bypass the Trusted Execution Technology protection mechanism and gain privileges by modifying the MCHBAR register to point to an attacker-controlled region, which prevents the SENTER instruction from properly applying VT-d protection while an MLE is being loaded.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Intel ≫ Gm45 Chipset

Intel ≫ Pm45 Express Chipset

Intel ≫ Q35 Chipset

Intel ≫ Q43 Express Chipset

Intel ≫ Q45 Chipset

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.139

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://invisiblethingslab.com/resources/misc09/Another%20TXT%20Attack.pdf

http://osvdb.org/61248

http://secunia.com/advisories/37900

Vendor Advisory

http://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00021&languageid=en-fr

Vendor Advisory

http://theinvisiblethings.blogspot.com/2009/12/another-txt-attack.html

http://www.securityfocus.com/bid/37430

http://www.securitytracker.com/id?1023382

http://www.vupen.com/english/advisories/2009/3618

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/54963

https://nvd.nist.gov/vuln/detail/CVE-2009-4419

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-4419

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-4419

EUVD