CVE-2009-4419

high

Description

Intel Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets in the SINIT Authenticated Code Module (ACM), which allows local users to bypass the Trusted Execution Technology protection mechanism and gain privileges by modifying the MCHBAR register to point to an attacker-controlled region, which prevents the SENTER instruction from properly applying VT-d protection while an MLE is being loaded.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/54963

http://www.vupen.com/english/advisories/2009/3618

http://www.securitytracker.com/id?1023382

http://www.securityfocus.com/bid/37430

http://theinvisiblethings.blogspot.com/2009/12/another-txt-attack.html

http://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00021&languageid=en-fr

http://secunia.com/advisories/37900

http://osvdb.org/61248

http://invisiblethingslab.com/resources/misc09/Another%20TXT%20Attack.pdf

Details

Source: Mitre, NVD

Published: 2009-12-24

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00055