What is the severity of CVE-2024-36293?

CVE-2024-36293 has a severity level that can potentially lead to denial of service if exploited.

How do I fix CVE-2024-36293?

To fix CVE-2024-36293, update to the latest version of the intel-microcode package, specifically version 3.20250211.1 or later.

Who is affected by CVE-2024-36293?

CVE-2024-36293 affects Intel processors that utilize Intel SGX and have improper access control in the EDECCSSA user leaf function.

Can CVE-2024-36293 be exploited remotely?

CVE-2024-36293 necessitates local access for potential exploitation, meaning it cannot be exploited remotely.

What types of systems are vulnerable to CVE-2024-36293?

Vulnerable systems include those running specific versions of the intel-microcode package on Intel processors with SGX.

Vulnerability/
CVE-2024-36293

medium

6.8

CWE

284

12/2/2025

13/2/2025

CVE-2024-36293

First published: Wed Feb 12 2025(Updated: )

Improper access control in the EDECCSSA user leaf function for some Intel(R) Processors with Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access.

Credit: secure@intel.com

Affected Software	Affected Version	How to fix
debian/intel-microcode	<=3.20240813.1~deb11u1<=3.20241112.1~deb11u1<=3.20241112.1~deb12u1<=3.20231114.1~deb12u1<=3.20241112.1	3.20250211.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-36293?
CVE-2024-36293 has a severity level that can potentially lead to denial of service if exploited.
How do I fix CVE-2024-36293?
To fix CVE-2024-36293, update to the latest version of the intel-microcode package, specifically version 3.20250211.1 or later.
Who is affected by CVE-2024-36293?
CVE-2024-36293 affects Intel processors that utilize Intel SGX and have improper access control in the EDECCSSA user leaf function.
Can CVE-2024-36293 be exploited remotely?
CVE-2024-36293 necessitates local access for potential exploitation, meaning it cannot be exploited remotely.
What types of systems are vulnerable to CVE-2024-36293?
Vulnerable systems include those running specific versions of the intel-microcode package on Intel processors with SGX.

agent/weakness
agent/type
agent/first-publish-date
agent/severity
agent/author
collector/nvd-api
source/NVD
agent/last-modified-date
collector/mitre-cve
source/MITRE
collector/usn-cve
source/Ubuntu
agent/source
agent/softwarecombine
agent/references
agent/description
agent/tags
collector/security-tracker-debian
source/Debian
agent/software-canonical-lookup
agent/event
package-manager/debian

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.