CVE-2024-21850
Published: 13 November 2024
Summary
CVE-2024-21850 is a high-severity Sensitive Information in Resource Not Removed Before Reuse (CWE-226) vulnerability in Intel software (vendor inferred from references). Its CVSS base score is 8.3 (High).
Operationally, it ranks at the 13.8th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-19461
Vulnerability details
Sensitive information in resource not removed before reuse in some Intel(R) TDX Seamldr module software before version 1.5.02.00 may allow a privileged user to potentially enable escalation of privilege via local access.
- CWE(s): CWE-226
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls
Likely Mitigating Controls
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
- The eradication and cross-system identification steps ensure sensitive information is removed before resources are reused or further accessed.
- Requiring sanitization of media prior to removal for off-site maintenance ensures sensitive information is removed before the resource is reused or accessed externally.
- Procedures include sanitization, overwriting, and disposal requirements to remove sensitive data before media reuse or release.
- Requiring sanitization prior to reuse directly ensures sensitive information is removed from resources before they are reused by others.
- Downgrading enables reuse of media at lower security levels, and the mandated process ensures sensitive information is removed beforehand to prevent exposure on reused resources.
- Directly requires removal of sensitive data from resources before reuse or reallocation to another subject, eliminating residual information transfer.
- Explicit retention limits and destruction rules reduce the persistence of sensitive information in reusable resources.
- Periodic quality checks and deletion ensure sensitive PII is removed from resources prior to reuse or retention beyond its valid lifetime.