CVE-2013-5740

Unspecified vulnerability in the Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) before 1.2, as used by the Intel QM77, QS77, Q77 Express, C216, Q67 Express, C202, C204, and C206 chipsets and Mobile Intel QM67 and QS67 chipsets, when the measured launch environment (MLE) is invoked, allows local users to bypass the Trusted Execution Technology protection mechanism and perform other unspecified SINIT ACM functions via unspecified vectors.

CVSS v2.0 6.9 MEDIUM

6.9^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 3.4 / Impact : 10.0

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://support.citrix.com/article/CTX138633
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00035&languageid=en-fr	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:intel:c202_chipset:-:::::::*
	cpe:2.3:h:intel:c204_chipset:-:::::::*
	cpe:2.3:h:intel:c206_chipset:-:::::::*
	cpe:2.3:h:intel:c216_chipset:-:::::::*
	cpe:2.3:h:intel:mobile_intel_qm67_chipset:-:::::::*
	cpe:2.3:h:intel:mobile_intel_qs67_chipset:-:::::::*
	cpe:2.3:h:intel:q67_express_chipset:-:::::::*
	cpe:2.3:h:intel:qm77_chipset:-:::::::*
	cpe:2.3:h:intel:qs77_chipset:-:::::::*
	cpe:2.3:h:intel:qs77_chipset:-::::express:::
	cpe:2.3:o:intel:trusted_execution_technology_sinit_authenticated_code_module::::::::

History

No history.

Information

Published : 2013-09-12 18:37

Updated : 2024-02-04 18:16

NVD link : CVE-2013-5740

Mitre link : CVE-2013-5740

CVE.ORG link : CVE-2013-5740

JSON object : View

Products Affected

intel

qm77_chipset
mobile_intel_qs67_chipset
mobile_intel_qm67_chipset
c216_chipset
c204_chipset
q67_express_chipset
c206_chipset
qs77_chipset
c202_chipset
trusted_execution_technology_sinit_authenticated_code_module

CWE

NVD-CWE-noinfo

{"id": "CVE-2013-5740", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-09-12T18:37:44.287", "references": [{"url": "http://support.citrix.com/article/CTX138633", "source": "cve@mitre.org"}, {"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00035&languageid=en-fr", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) before 1.2, as used by the Intel QM77, QS77, Q77 Express, C216, Q67 Express, C202, C204, and C206 chipsets and Mobile Intel QM67 and QS67 chipsets, when the measured launch environment (MLE) is invoked, allows local users to bypass the Trusted Execution Technology protection mechanism and perform other unspecified SINIT ACM functions via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) anteriores a v1.2, usados por Intel QM77, QS77, Q77 Express, C216, Q67 Express, C202, C204, y C206 chipsets y Mobile Intel QM67 y QS67 chipsets, cuando el measured launch environment (MLE) es invocado, permite a usuarios locales saltarse el mecanismo de protecci\u00f3n (Trusted Execution Technology) y llevar a cabo otras funciones SINIT ACM no especificadas a trav\u00e9s de vectores no especificados."}], "lastModified": "2014-07-11T15:31:24.373", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intel:c202_chipset:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C318BFF-72BD-419A-8707-424CAEE6279F"}, {"criteria": "cpe:2.3:h:intel:c204_chipset:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "817EB2CE-CD1F-43BC-BD1F-E5D4FD85FD5B"}, {"criteria": "cpe:2.3:h:intel:c206_chipset:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47ADFFD3-88C7-401C-B3C2-1C9CABFF9D09"}, {"criteria": "cpe:2.3:h:intel:c216_chipset:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "831E5093-BE28-46C3-BD0C-E89335ACB789"}, {"criteria": "cpe:2.3:h:intel:mobile_intel_qm67_chipset:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD6B337D-D662-44BA-B593-553E8BBC52DD"}, {"criteria": "cpe:2.3:h:intel:mobile_intel_qs67_chipset:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A29BF7A9-8C60-484D-BBAD-3A90B2EA2E0B"}, {"criteria": "cpe:2.3:h:intel:q67_express_chipset:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED06F175-16C7-40AA-B3E0-A46AFEA1898D"}, {"criteria": "cpe:2.3:h:intel:qm77_chipset:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3095C32-F92D-414A-9B17-D4F9390D8581"}, {"criteria": "cpe:2.3:h:intel:qs77_chipset:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FDC4DD9-A5A2-4AD4-919C-8C025B7A829B"}, {"criteria": "cpe:2.3:h:intel:qs77_chipset:-:*:*:*:express:*:*:*", "vulnerable": true, "matchCriteriaId": "CFB4F8F7-C251-4D2C-8D59-3B1BCAC36265"}, {"criteria": "cpe:2.3:o:intel:trusted_execution_technology_sinit_authenticated_code_module:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D46FC55A-5B1C-4A13-98AD-BFB6FA8CA07C", "versionEndIncluding": "1.1"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}