The latest security information on Intel® products.

Potential Intel® SGX Key Disclosure

Announcement ID:

2026-04-08-001

Issue:

On March 31, 2026, a researcher affiliated with Positive Technologies posted that he had “extracted the Global Wrapping Key from an instance of Intel Gemini Lake Platform."

Based on Intel analysis, the activity appears to extend previously addressed research. The researcher previously indicated that they were running tests on systems they have physical access to, which are not up to date with the latest mitigations and are not properly configured with Intel recommended Flash Descriptor write protection (which occurs as part of end of manufacturing by system manufacturers). Researchers are using previously mitigated vulnerabilities dating as far back as 2017 to gain access to an Intel Unlocked state (aka “Red Unlocked”). See “Additional Resources” for technical papers describing these issues.

In this latest posting, the researcher claims to have additionally identified a Global Wrapping Key, which is used to decrypt the device-specific Intel® Software Guard Extensions (Intel® SGX) key. This specific issue only impacts Intel Gemini Lake and Gemini Lake Refresh platforms using Intel SGX including products that have exited baseline servicing. Intel® Trust Domain Extensions (Intel® TDX) is not affected.

Potentially Affected Intel Platforms:

Product Collection	CPUID
Intel Pentium Processor Silver Series	706A1, 706A8
Intel Celeron Processor J Series	706A1, 706A8
Intel Celeron Processor N Series	706A1, 706A8

Note: Intel platform CPUID 706A1 has exited the baseline servicing timeframe.

Resolution/Recommendations:

Ensure the system manufacturer configured systems at the end of manufacturing to enable Intel® Firmware Version Control to help prevent this and other vulnerabilities.
System manufacturers, complete End of Manufacturing process, set Manufacturing Mode to Disabled, and enable Intel® Firmware Version Control.
Ensure all security mitigations provided by Intel are applied.
Customers can use Intel’s open source CHIPSEC tool to verify the security configuration of their firmware.
Intel will be updating the attestation system (Intel® SGX Provisioning Certification Service) for the potentially affected platform to reference the updated Security Advisory INTEL-SA-00609. More information regarding these updates can be found on the applicable SGX Forum post when available.

Additional Resources:

End of Servicing Updates site

INTEL-SA-00609

INTEL-SA-00086

Intel® Management Engine Critical Firmware Update (Intel-SA-00086)

INTEL-SA-00213

IPAS: Bug Bounty Bonus: Pentium®, Intel Atom®, and Celeron® Processors - Intel Community

Intel Converged Security Management Engine (CSME)

The Intel Converged Security Management Engine (CSME) Delayed Authentication Mode (DAM) vulnerability – CVE-2018-3659 and CVE-2018-3643

Revision History

Revision	Date	Description
1.0	2026-04-08	Initial Release

View all Show less

Legal Notices and Disclaimers

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel products and services described may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel products that have met their End of Servicing Updates may no longer receive functional and security updates. For additional details on support and servicing, please see this help article.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at http://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

© Intel Corporation. Intel, the Intel logo, and other Intel marks are trademarks of Intel Corporation or its subsidiaries United States and other countries. Other names and brands may be claimed as the property of others.

Report a Vulnerability

If you have information about a security issue or vulnerability affecting an Intel branded product or technology, submit submit your report via the Intigriti platform, where you'll find eligibility criteria and submission instructions. All vulnerability reports must be submitted through Intigriti.

For issues not related to reporting security vulnerabilities, contact Intel PSIRT.

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

Need product support?

If you...

Have questions about the security features of an Intel product
Require technical support
Want product updates or patches

Please visit Support & Downloads.

Select Your Language

Using Intel.com Search

Quick Links

Recent Searches

Advanced Search

Only search in