Google and Intel have recently disclosed the results of their collaboration work on the security audit of the mechanism known as Intel TDX 1.5 (Trusted Domain Extensions). Intel TDX technology provides the capability to encrypt the memory of virtual machines, safeguarding them against interference and analysis by the host system administrator, as well as protecting against physical attacks on the equipment. The audit identified 6 vulnerabilities and 35 errors that do not impact security.
The vulnerabilities impact the Intel Xeon 6 CPU, along with the 4th and 5th generations of Intel Xeon Scalable processors. These vulnerabilities were addressed in a microcode update released yesterday. Additionally, a toolkit for exploiting vulnerabilities in Intel TDX and prototypes for two specific vulnerabilities (CVE-2025-30513, CVE-2025-32007) have been made public on GitHub.
The most severe vulnerability (CVE-2025-30513) allows an untrustworthy administrator with host system access to elevate their privileges and compromise the security guarantees offered by Intel TDX technology. This vulnerability stems from a race condition in one of the TDX modules, enabling the transfer of the protected environment from a state supporting migration to a state allowing transfer to debug mode during virtual machine migration.
This vulnerability arises from the ability to alter environment attributes after passing their check but before transitioning to an immutable state in the migrated environment. By setting the debug attribute, the host system administrator can monitor the guest system’s activity in real-time and access the decrypted memory state.
Identified by Google researchers, this vulnerability is relatively straightforward to exploit since the administrator can initiate live migration of a protected virtual machine at any moment. The flaw was discovered during an analysis of the API, which revealed inconsistencies in how the Finite State Machine manages operation states and handles interruptions.
Other vulnerabilities identified were deemed less dangerous.