{"vulnerability": "cve-2019-11157", "sightings": [{"uuid": "5a8ec4f1-12e3-4ea6-96cc-31eb545858cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11157", "type": "seen", "source": "https://t.me/ctinow/18511", "content": "New PlunderVolt Attack Targets Intel SGX Enclaves by Tweaking CPU Voltage A team of cybersecurity researchers demonstrated a novel yet another technique to hijack Intel SGX, a hardware-isolated trusted space on modern Intel CPUs that encrypts extremely sensitive data to shield it from attackers even when a system gets compromised.\n\nDubbed Plundervolt and tracked as CVE-2019-11157, the attack relies on the fact that modern processors allow frequency and voltage to be", "creation_timestamp": "2019-12-11T11:01:27.000000Z"}, {"uuid": "f9eb790d-bb01-49f1-87cc-2768f953366e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11157", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/482", "content": "#exploit\n1. CVE-2019-11157:\nPlundervolt - Software-based Fault injection attacks against Intel SGX\nhttps://www.plundervolt.com\nhttps://github.com/KitMurdock/plundervolt\n\n2. CVE-2019-1388:\nWindows Certificate Dialog\u00a0EoP\nhttps://github.com/jas502n/CVE-2019-1388\n\n3. CVE-2019-10149:\nA flaw was found in Exim 4.87 - 4.91. Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to RCE\nhttps://github.com/Diefunction/CVE-2019-10149", "creation_timestamp": "2024-10-14T20:57:38.000000Z"}, {"uuid": "2f2cfec7-b1ec-44d8-89a6-0467fa0e7ae1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11157", "type": "published-proof-of-concept", "source": "https://t.me/thehackernews/556", "content": "PlunderVolt \u26a1 CVE-2019-11157\n \nResearchers demonstrated a new novel technique that could allow attackers to compromise the integrity of Intel SGX technology on modern processors by tweaking the CPU\u2019s voltage, resulting in easy retrieval sensitive data protected by hardware-isolated SGX enclaves.\n \nDetails: https://thehackernews.com/2019/12/intel-sgx-voltage-attack.html", "creation_timestamp": "2019-12-11T10:41:27.000000Z"}]}