Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?


Endpoint Security

Google Audit Finds Vulnerabilities in Intel TDX

Over a nine-month audit, Google researchers identified ten security defects in Intel TDX, including nine vulnerabilities addressed with TDX code changes.

Google this week published the results of a nine-month audit of Intel Trust Domain Extensions (TDX), which resulted in the discovery of ten security defects.

Providing hardware isolated virtual machines, TDX has been added to some Intel Xeon Scalable CPUs to support confidential computing by isolating sensitive resources from the hosting environment.

Focused on identifying any vulnerabilities in Intel’s technology before it entered production, the security review was performed by a team of Google Cloud Security and Project Zero researchers, working together with Intel engineers.

The team identified 81 potential attack vectors and ten confirmed vulnerabilities. Nine of the defects were addressed in the TDX code, while the tenth issue required changes to the guide for writing a BIOS to support TDX. Intel also made five defense-in-depth changes.

The vulnerabilities, Google says, could lead to arbitrary code execution, cryptographic weaknesses, denial-of-service conditions, and weaknesses in debug or deployment facilities.

No CVE identifiers were issued for the discovered bugs, but Intel did assess their severity and assigned a CVSS score of 9.3 to an incorrect handling of interrupts when the Authenticated Code Module (ACM) transitioned from the privileged execution context to an untrusted context.

The flaw could be exploited to execute arbitrary code within the privileged ACM execution mode, compromising both TDX integrity and the security of any deployed virtual machines.

Advertisement. Scroll to continue reading.

“Where possible the review performed variant analysis of any discovered issues to determine if the same pattern could be identified in other areas of the code base. All confirmed issues were mitigated before the production release of the 4th gen Intel Xeon Scalable processors,” Google explains in a detailed report (PDF).

According to the internet giant, only two of the identified vulnerabilities were memory safety issues, with logical bugs representing the most common type of identified flaws.

Google also discovered design-level and implementation issues in pre-release code and Intel decided to release the reviewed code in open source, so that further reviews could be performed.

“The review met its expected goals and was able to ensure significant security issues were resolved before the final release of Intel TDX. Overall, the review provided Google with a better understanding of how the TDX feature functions which can be used to guide deployment,” Google says.

Related: Intel Boasts Attack Surface Reduction With New 13th Gen Core vPro Platform

Related: Intel Paid Out Over $4.1 Million via Bug Bounty Program Since 2017

Related: Dozens of Vulnerabilities Patched in Intel Products

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.