CVE-2023-45745

7.9 HIGH

📋 TL;DR

This vulnerability in Intel TDX module software allows a privileged user on a local system to potentially escalate privileges due to improper input validation. It affects systems using Intel TDX technology with vulnerable software versions. The attacker must already have local privileged access to exploit this flaw.

💻 Affected Systems

Products:
  • Intel TDX Module
Versions: All versions before 1.5.05.46.698
Operating Systems: Linux systems with Intel TDX support
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with Intel TDX (Trust Domain Extensions) enabled and using vulnerable TDX module software.

⚠️ Risk & Real-World Impact

🔴 Worst Case

A privileged attacker could gain higher-level system privileges, potentially compromising the entire host system and accessing protected memory regions.

🟠 Likely Case

A malicious administrator or compromised privileged account could elevate privileges to bypass security boundaries within the TDX environment.

🟢 If Mitigated

With proper access controls and monitoring, impact is limited to systems where attackers already have privileged access.

🌐 Internet-Facing: LOW - Requires local privileged access, not remotely exploitable.
🏢 Internal Only: MEDIUM - Internal privileged users could exploit this, but requires existing elevated access.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local privileged access and knowledge of TDX internals. No public exploits known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.5.05.46.698 or later

Vendor Advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01036.html

Restart Required: Yes

Instructions:

1. Check the current TDX module version.
2. Download the updated TDX module from Intel.
3. Install the update following Intel documentation.
4. Reboot the system to load the new module.

🔧 Temporary Workarounds

Disable TDX (linux)

Temporarily disable Intel TDX functionality if it is not required. A kernel parameter must be placed inside the GRUB_CMDLINE_LINUX value in /etc/default/grub; appending it as a separate line has no effect. Run as root:

sed -i 's/^GRUB_CMDLINE_LINUX="\(.*\)"/GRUB_CMDLINE_LINUX="\1 intel_iommu=off"/' /etc/default/grub
update-grub
reboot

Note that intel_iommu=off disables the IOMMU (VT-d) rather than the TDX module itself; disabling TDX in the platform firmware (BIOS/UEFI) setup is the definitive way to turn it off.

🧯 If You Can't Patch

  • Restrict local privileged access to essential personnel only
  • Implement strict monitoring of privileged user activities and system calls

🔍 How to Verify

Check if Vulnerable:

Check the TDX module version with dmesg | grep -i tdx, or read /sys/module/tdx_module/version where that file is present.

Check Version:

dmesg | grep 'TDX module' | grep -o 'version [0-9.]*'

Verify Fix Applied:

Verify version is 1.5.05.46.698 or higher after update
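The version comparison above is easy to get wrong by hand (the "05" field, for example, must compare numerically). The following shell functions are an added example, not part of this advisory: they pull the version out of a dmesg-style line in the form the grep above expects and compare it field by field against 1.5.05.46.698. The sample dmesg lines are constructed for the example.

```shell
#!/bin/sh
# Added example: check a TDX module version against the fixed version for
# CVE-2023-45745. The sample lines below are constructed, not real kernel output.
FIXED_TDX_VERSION="1.5.05.46.698"

# version_ge A B: return 0 if A >= B, comparing dot-separated fields numerically
# from left to right (so "05" and "5" are equal); missing fields count as 0.
version_ge() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        x="${a%%.*}"; y="${b%%.*}"
        [ -z "$x" ] && x=0
        [ -z "$y" ] && y=0
        if [ "$x" -gt "$y" ] 2>/dev/null; then return 0; fi
        if [ "$x" -lt "$y" ] 2>/dev/null; then return 1; fi
        case "$a" in *.*) a="${a#*.}";; *) a="";; esac
        case "$b" in *.*) b="${b#*.}";; *) b="";; esac
    done
    return 0
}

# Extract "version X.Y.Z..." from a dmesg-style line, the same pattern as the
# check above; prints nothing if the line does not mention the TDX module.
tdx_version_from_dmesg() {
    printf '%s\n' "$1" | grep 'TDX module' | grep -o 'version [0-9.]*' \
        | head -n1 | cut -d' ' -f2
}

# Print FIXED, VULNERABLE or UNKNOWN for one dmesg line.
# Exit status: 0 fixed, 1 vulnerable, 2 no version found.
tdx_status() {
    v=$(tdx_version_from_dmesg "$1")
    if [ -z "$v" ]; then echo "UNKNOWN"; return 2; fi
    if version_ge "$v" "$FIXED_TDX_VERSION"; then echo "FIXED ($v)"; return 0; fi
    echo "VULNERABLE ($v)"; return 1
}

# Constructed sample lines in the format the grep above matches.
SAMPLE_OLD="[    1.234567] virt/tdx: TDX module: version 1.5.00.42.567"
SAMPLE_NEW="[    1.234567] virt/tdx: TDX module: version 1.5.05.46.698"

# Usage on a live host (uncomment): tdx_status "$(dmesg | grep 'TDX module' | head -n1)"
tdx_status "$SAMPLE_OLD"
tdx_status "$SAMPLE_NEW"
```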

📡 Detection & Monitoring

Log Indicators:

  • Unusual TDX module loading/unloading
  • Suspicious privileged process behavior
  • Unexpected system calls related to TDX

Network Indicators:

  • Not applicable - local-only vulnerability

SIEM Query:

process where (parent_process_name contains 'tdx' OR process_name contains 'tdx') AND user_id < 1000
