Primary

Context

Intel TDX Predictable Seed in Pseudo-Random Number Generator Vulnerability Allowing Information Disclosure

Vulnerability

A vulnerability exists in the firmware for certain Intel TDX modules, specifically in Intel Xeon processors, due to a predictable seed in the pseudo-random number generator (PRNG). This flaw may enable an authenticated user to disclose information through local access.

Impact

Exploitation of this vulnerability could lead to unauthorized information disclosure.

Remediation

Users of Intel Xeon processors are advised to update to the latest version provided by their system manufacturer that addresses this vulnerability.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

2.5

exploitability

3.3

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

2.5

exploitability

3.3

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Intel TDX Predictable Seed in Pseudo-Random Number Generator Vulnerability Allowing Information Disclosure

Vulnerability

Impact

Remediation

Affected Products

Intel Xeon 6 processor

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating