VAR-201309-0333
Vulnerability from variot - Updated: 2025-04-11 23:15Unspecified vulnerability in the Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) before 1.2, as used by the Intel QM77, QS77, Q77 Express, C216, Q67 Express, C202, C204, and C206 chipsets and Mobile Intel QM67 and QS67 chipsets, when the measured launch environment (MLE) is invoked, allows local users to bypass the Trusted Execution Technology protection mechanism and perform other unspecified SINIT ACM functions via unspecified vectors. Successful exploits will allow local processes to gain elevated privileges. This may facilitate a complete compromise of affected computers
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201309-0333",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "c204 chipset",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": null
},
{
"model": "c206 chipset",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": null
},
{
"model": "q67 express chipset",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": null
},
{
"model": "qm77 chipset",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": null
},
{
"model": "qs77 chipset",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": null
},
{
"model": "mobile intel qm67 chipset",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": null
},
{
"model": "c202 chipset",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": null
},
{
"model": "mobile intel qs67 chipset",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution technology sinit authenticated code module",
"scope": "lte",
"trust": 1.0,
"vendor": "intel",
"version": "1.1"
},
{
"model": "c216 chipset",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "trusted execution technology sinit ac module",
"scope": "lte",
"trust": 0.8,
"vendor": "intel",
"version": "1.1"
},
{
"model": "c202 chip set",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "c204 chip set",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "c206 chip set",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "c216 chip set",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "q67 express chip set",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "q77 express chip set",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "qm77 chip set",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "qs77 chip set",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "mobile intel qm67 chip set",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "mobile intel qs67 express chip set",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xenclient xt",
"scope": "lt",
"trust": 0.8,
"vendor": "citrix",
"version": "2.1.3"
},
{
"model": "xenclient xt",
"scope": "lt",
"trust": 0.8,
"vendor": "citrix",
"version": "3.1.4"
},
{
"model": "trusted execution technology sinit authenticated code module",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "1.1"
},
{
"model": "qs77 chipset",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "qs67 express chipset",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "qm77 chipset",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "qm67 express chipset",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "q77 express chipset",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "q67 express chipset",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "c216 chipset",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "c206 chipset",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "c204 chipset",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "c202 chipset",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "3rd gen i5 i7 sinit 51",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "0"
},
{
"model": "3rd gen i5 i7 sinit 67",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "62416"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004148"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-182"
},
{
"db": "NVD",
"id": "CVE-2013-5740"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:intel:trusted_execution_technology_sinit_authenticated_code_module",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:c202_chipset",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:c204_chipset",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:c206_chipset",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:c216_chipset",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:q67_express_chipset",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:q77_express_chipset",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:qm77_chipset",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:qs77_chipset",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:mobile_intel_qm67_chipset",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:intel:mobile_intel_qs67_chipset",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:citrix:xenclient_xt",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004148"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "62416"
}
],
"trust": 0.3
},
"cve": "CVE-2013-5740",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CVE-2013-5740",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-65742",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-5740",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2013-5740",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201309-182",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-65742",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-65742"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004148"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-182"
},
{
"db": "NVD",
"id": "CVE-2013-5740"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in the Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) before 1.2, as used by the Intel QM77, QS77, Q77 Express, C216, Q67 Express, C202, C204, and C206 chipsets and Mobile Intel QM67 and QS67 chipsets, when the measured launch environment (MLE) is invoked, allows local users to bypass the Trusted Execution Technology protection mechanism and perform other unspecified SINIT ACM functions via unspecified vectors. \nSuccessful exploits will allow local processes to gain elevated privileges. This may facilitate a complete compromise of affected computers",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5740"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004148"
},
{
"db": "BID",
"id": "62416"
},
{
"db": "VULHUB",
"id": "VHN-65742"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-5740",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004148",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201309-182",
"trust": 0.7
},
{
"db": "BID",
"id": "62416",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-65742",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-65742"
},
{
"db": "BID",
"id": "62416"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004148"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-182"
},
{
"db": "NVD",
"id": "CVE-2013-5740"
}
]
},
"id": "VAR-201309-0333",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-65742"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-11T23:15:25.285000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CTX138633",
"trust": 0.8,
"url": "http://support.citrix.com/article/CTX138633"
},
{
"title": "INTEL-SA-00035",
"trust": 0.8,
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00035\u0026languageid=en-fr"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004148"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5740"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00035\u0026languageid=en-fr"
},
{
"trust": 1.7,
"url": "http://support.citrix.com/article/ctx138633"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5740"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5740"
},
{
"trust": 0.3,
"url": "http://www.intel.com/"
},
{
"trust": 0.1,
"url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00035\u0026amp;languageid=en-fr"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-65742"
},
{
"db": "BID",
"id": "62416"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004148"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-182"
},
{
"db": "NVD",
"id": "CVE-2013-5740"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-65742"
},
{
"db": "BID",
"id": "62416"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004148"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-182"
},
{
"db": "NVD",
"id": "CVE-2013-5740"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-12T00:00:00",
"db": "VULHUB",
"id": "VHN-65742"
},
{
"date": "2013-07-01T00:00:00",
"db": "BID",
"id": "62416"
},
{
"date": "2013-09-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004148"
},
{
"date": "2013-09-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-182"
},
{
"date": "2013-09-12T18:37:44.287000",
"db": "NVD",
"id": "CVE-2013-5740"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-65742"
},
{
"date": "2013-07-01T00:00:00",
"db": "BID",
"id": "62416"
},
{
"date": "2013-09-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004148"
},
{
"date": "2013-09-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-182"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-5740"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "62416"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-182"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Intel Used in products Intel Trusted Execution Technology SINIT Authenticated Code Modules In Trusted Execution Technology Vulnerabilities that circumvent protection mechanisms",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004148"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-182"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…