Fwd: [CIVN-2019-0167] Vulnerability in Open Enclave SDK

Severity Rating: HIGH

Software Affected

Open Enclave SDK

Overview

A vulnerability has been reported in Open Enclave SDK which could allow

remote attacker to improperly handle objects on the targeted system.

Description

An information disclosure vulnerability exists in Open Enclave SDK due to

improper handling of objects in memory. An attacker could exploit this

vulnerability by compromising the host application running the enclave

without user interaction.

Successful exploitation of this vulnerability could allow an attacker to

obtain information stored in the Enclave.

Solution

Apply appropriate patches as mentioned in following vendor advisory:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019

- -1369

Vendor Information

Microsoft

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019

- -1369

References

Microsoft

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019

- -1369

CVE Name

CVE-2019-1369

About Cert Advisory

We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.

Fwd: [CIVN-2019-0167] Vulnerability in Open Enclave SDK

About Cert Advisory

Related Posts

Popular Posts

Facebook

Blog Archive