CVE-2025-27572
Information Disclosure in Intel TDX Hypervisor via Transient Execution
Publication date: 2026-02-10
Last updated on: 2026-02-10
Assigner: Intel Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| intel | tdx | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the exposure of sensitive information during transient execution within Intel's TDX (Trusted Domain Extensions) technology operating at Ring 0, specifically in the hypervisor. An authorized adversary with privileged user access, combined with a high complexity attack, may be able to disclose sensitive data. The attack requires local access and special internal knowledge but does not require user interaction.
How can this vulnerability impact me? :
The vulnerability primarily impacts the confidentiality of the system by potentially allowing sensitive information to be exposed. It does not affect the integrity or availability of the system. The attack requires a privileged user and local access, making it less likely to be exploited remotely or by unprivileged users.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know