{"id":"CVE-2021-33767","details":"Open Enclave SDK Elevation of Privilege Vulnerability","modified":"2026-04-11T17:26:01.744884Z","published":"2021-07-14T18:15:10.413Z","references":[{"type":"FIX","url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33767"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/microsoft/openenclave","events":[{"introduced":"0"},{"fixed":"f2dc5343c86d93f71a47fbfb0e777e8d82d729fc"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"0.17.1"}]}}],"versions":["v0.12.0-rc2","v0.13.0-rc2","v0.17.0","v0.17.0-rc1","v0.17.0-rc2","v0.8.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-33767.json","vanir_signatures":[{"deprecated":false,"digest":{"length":1070,"function_hash":"18433931190812156897047028303216350326"},"target":{"file":"enclave/core/sgx/exception.c","function":"oe_real_exception_dispatcher"},"source":"https://github.com/microsoft/openenclave/commit/f2dc5343c86d93f71a47fbfb0e777e8d82d729fc","signature_type":"Function","signature_version":"v1","id":"CVE-2021-33767-11af6b18"},{"deprecated":false,"digest":{"threshold":0.9,"line_hashes":["184480401271783261535632370007065496697","261382023818100980726786314257197145919","13925476826217151345340562327902848169","61412531887379229096311244553166078001","77032035777658821335591090512624148817","211765475852199044308015038522332909252"]},"target":{"file":"host/sgx/exception.c"},"source":"https://github.com/microsoft/openenclave/commit/f2dc5343c86d93f71a47fbfb0e777e8d82d729fc","signature_type":"Line","signature_version":"v1","id":"CVE-2021-33767-1f51aa69"},{"deprecated":false,"digest":{"threshold":0.9,"line_hashes":["338312299055116680643972021375111454966","250304578747258027705934183519530115947","72089076233168490422257224721975323529","76416886982456590845177982504274296535","125251622553022832412214540386049907812","44244044881934035234637576188736536828","134125300586462926305169865084257134000","149870088681737661241973279969990313753","233829765293746787040655248556753740939","228547145119353700098182971543123374680","106806111574817519629094889177684010303"]},"target":{"file":"include/openenclave/internal/sgx/td.h"},"source":"https://github.com/microsoft/openenclave/commit/f2dc5343c86d93f71a47fbfb0e777e8d82d729fc","signature_type":"Line","signature_version":"v1","id":"CVE-2021-33767-22f95b08"},{"deprecated":false,"digest":{"threshold":0.9,"line_hashes":["121944088950994944151597304105476549142","311982155667071568802660323965652723211","125728925497473488880652532783117359361","35200161883044730069743703199036197928","87439383712693556005944744365383323111","134289521541649591655034733856558453532","331080028807684774743592907687417139941","127453171647178031398176956401782339774","337883004740574582861020896892914284412","239495078031195188540670770665692048678","327171200970179457603841877845735918305","243004270218670919436063346121128406893","241837130162416230215143348101495956800","103031818463147558153128171921136386248","210906506809880009752740100204454117062"]},"target":{"file":"enclave/core/sgx/td.c"},"source":"https://github.com/microsoft/openenclave/commit/f2dc5343c86d93f71a47fbfb0e777e8d82d729fc","signature_type":"Line","signature_version":"v1","id":"CVE-2021-33767-29decb33"},{"deprecated":false,"digest":{"length":478,"function_hash":"239920328339921390341584063081123795430"},"target":{"file":"enclave/core/sgx/calls.c","function":"_exit_enclave"},"source":"https://github.com/microsoft/openenclave/commit/f2dc5343c86d93f71a47fbfb0e777e8d82d729fc","signature_type":"Function","signature_version":"v1","id":"CVE-2021-33767-2e8a2b96"},{"deprecated":false,"digest":{"threshold":0.9,"line_hashes":["289113883183961417448694547060707231390","273917150812523336785320047255638051619","69016828451328989421451157539769093088","149118028601292598177818848962884064501","80282542015884179789404726903714725995","74015889671745623055215037398645026863","230199782805034055654332242360770134408","297983089697836998838519526188009107126","72483257119000057380872811831402618792","24305293306869865316537058033671697543","242428661501749110064994692074194310286","333074141710635353878506192750459148821","324488697818634144005667743426886427551","292615346821257779676478072541527761740","127979448365627830413102206517862804601","149673926674875493432501698349040608559","212766461473315494243538781031784033833","208022587202517441148511093621772745187"]},"target":{"file":"enclave/core/sgx/calls.c"},"source":"https://github.com/microsoft/openenclave/commit/f2dc5343c86d93f71a47fbfb0e777e8d82d729fc","signature_type":"Line","signature_version":"v1","id":"CVE-2021-33767-45c43a4d"},{"deprecated":false,"digest":{"length":763,"function_hash":"328934790553275835223543193726748463661"},"target":{"file":"host/sgx/exception.c","function":"oe_host_handle_exception"},"source":"https://github.com/microsoft/openenclave/commit/f2dc5343c86d93f71a47fbfb0e777e8d82d729fc","signature_type":"Function","signature_version":"v1","id":"CVE-2021-33767-8a51960a"},{"deprecated":false,"digest":{"threshold":0.9,"line_hashes":["265631571044113625035911703363105526520","19905778826337202608239312995473106372","209578340884287720326946908203844972904","229782510146969157475717617060593396764","70932460500208587807470287009139402232","204059643723263585853680091542040539366","23713866409366500366612702436971855035","335213440555476360983285880947965323340","65137517067894616749861779559258259153","317716157495500189221508297210121774441","178765657457625245623067882651252250055","107870474812228251756459787179035044470","3186692063100886057088212826573717144","313875336639738189906074663608021148383","122566295381170393419882720023780969054","131971236144595702562776368362409612073","273290342878329320844737946709918070346","176845638157158701811631484537355191127","306843052477871515742873374071027958333","242372673677375696741056034629152806317","248287129471628561717419921483001942518","180232386298595057848058031262959109552","257125329318954553779021949314213021187","25449529020622010112017565281394614537","112649641272641782377666911151315578291"]},"target":{"file":"host/sgx/enter.c"},"source":"https://github.com/microsoft/openenclave/commit/f2dc5343c86d93f71a47fbfb0e777e8d82d729fc","signature_type":"Line","signature_version":"v1","id":"CVE-2021-33767-a58a82c6"},{"deprecated":false,"digest":{"length":1264,"function_hash":"137870309644176578436575378657375273709"},"target":{"file":"host/sgx/enter.c","function":"oe_enter_sim"},"source":"https://github.com/microsoft/openenclave/commit/f2dc5343c86d93f71a47fbfb0e777e8d82d729fc","signature_type":"Function","signature_version":"v1","id":"CVE-2021-33767-b234d6d3"},{"deprecated":false,"digest":{"length":1099,"function_hash":"223875049499273077577284217292671646560"},"target":{"file":"enclave/core/sgx/calls.c","function":"__oe_handle_main"},"source":"https://github.com/microsoft/openenclave/commit/f2dc5343c86d93f71a47fbfb0e777e8d82d729fc","signature_type":"Function","signature_version":"v1","id":"CVE-2021-33767-b6f8e966"},{"deprecated":false,"digest":{"length":1813,"function_hash":"248876457670736822722892307519825440315"},"target":{"file":"enclave/core/sgx/exception.c","function":"oe_virtual_exception_dispatcher"},"source":"https://github.com/microsoft/openenclave/commit/f2dc5343c86d93f71a47fbfb0e777e8d82d729fc","signature_type":"Function","signature_version":"v1","id":"CVE-2021-33767-bb9ac864"},{"deprecated":false,"digest":{"threshold":0.9,"line_hashes":["219678420874566507207295956947512913026","95023889140726955736639898425278070119","306076972546691012694353483550527662366","236022910229519249207695757935227121949","107575161850588572556723328732675750334","159274645983395053651333266411590395313","188221186623905429374128534247842366359","37226111327495898292054808179614924042","155870825179819705744409256555094218451","99909281848339727483657401222051922201"]},"target":{"file":"enclave/core/sgx/exception.c"},"source":"https://github.com/microsoft/openenclave/commit/f2dc5343c86d93f71a47fbfb0e777e8d82d729fc","signature_type":"Line","signature_version":"v1","id":"CVE-2021-33767-c49d9c9f"},{"deprecated":false,"digest":{"threshold":0.9,"line_hashes":["263425315573285679954097981888305042099","127246944075765927881068588360253990486","86512753364453177872477656276593807271","36998241840649769350705745715885276714","26432681322441314835133385296761127758","261995842561122979108822844614490282369"]},"target":{"file":"enclave/core/sgx/asmdefs.h"},"source":"https://github.com/microsoft/openenclave/commit/f2dc5343c86d93f71a47fbfb0e777e8d82d729fc","signature_type":"Line","signature_version":"v1","id":"CVE-2021-33767-d29d3ec8"},{"deprecated":false,"digest":{"threshold":0.9,"line_hashes":["192953239851201738039236595121882539822","264023757683190356903609689871326227629"]},"target":{"file":"include/openenclave/internal/sgx/sgxproperties.h"},"source":"https://github.com/microsoft/openenclave/commit/f2dc5343c86d93f71a47fbfb0e777e8d82d729fc","signature_type":"Line","signature_version":"v1","id":"CVE-2021-33767-fa94a843"}],"vanir_signatures_modified":"2026-04-11T17:26:01Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}]}