7.2

CVE-2009-4419

EPSS 0.06%
Published 24.12.2009 17:30:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Intel Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets in the SINIT Authenticated Code Module (ACM), which allows local users to bypass the Trusted Execution Technology protection mechanism and gain privileges by modifying the MCHBAR register to point to an attacker-controlled region, which prevents the SENTER instruction from properly applying VT-d protection while an MLE is being loaded.

Affected products Warnungen 0 Metrics 2 CWE 0 References 12

Data is provided by the National Vulnerability Database (NVD)

Intel ≫ Gm45 Chipset

Intel ≫ Pm45 Express Chipset

Intel ≫ Q35 Chipset

Intel ≫ Q43 Express Chipset

Intel ≫ Q45 Chipset

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.139

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://invisiblethingslab.com/resources/misc09/Another%20TXT%20Attack.pdf

http://osvdb.org/61248

http://secunia.com/advisories/37900

Vendor Advisory

http://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00021&languageid=en-fr

Vendor Advisory

http://theinvisiblethings.blogspot.com/2009/12/another-txt-attack.html

http://www.securityfocus.com/bid/37430

http://www.securitytracker.com/id?1023382

http://www.vupen.com/english/advisories/2009/3618

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/54963

https://nvd.nist.gov/vuln/detail/CVE-2009-4419

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-4419

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-4419

EUVD