diff --git a/src/libs/kata-types/src/config/hypervisor/mod.rs b/src/libs/kata-types/src/config/hypervisor/mod.rs
index b5b0a26251..7c18d69143 100644
--- a/src/libs/kata-types/src/config/hypervisor/mod.rs
+++ b/src/libs/kata-types/src/config/hypervisor/mod.rs
@@ -890,6 +890,17 @@ pub struct SecurityInfo {
 /// e.g. "path" for io.katacontainers.config.hypervisor.path"
 #[serde(default)]
 pub enable_annotations: Vec,
+
+ /// qgs_port defines Intel Quote Generation Service port exposed from the host
+ #[serde(
+ default = "default_qgs_port",
+ rename = "tdx_quote_generation_service_socket_port"
+ )]
+ pub qgs_port: u32,
+}
+
+fn default_qgs_port() -> u32 {
+ 4050
 }
 
 impl SecurityInfo {
diff --git a/src/runtime-rs/crates/runtimes/virt_container/src/sandbox.rs b/src/runtime-rs/crates/runtimes/virt_container/src/sandbox.rs
index 09a6766aee..2e5936d850 100644
--- a/src/runtime-rs/crates/runtimes/virt_container/src/sandbox.rs
+++ b/src/runtime-rs/crates/runtimes/virt_container/src/sandbox.rs
@@ -402,7 +402,7 @@ impl VirtSandbox {
 Ok(Some(ProtectionDeviceConfig::Tdx(TdxConfig {
 id: "tdx".to_owned(),
 firmware: hypervisor_config.boot_info.firmware.clone(),
- qgs_port: 4050,
+ qgs_port: hypervisor_config.security_info.qgs_port,
 mrconfigid: None,
 debug: false,
 })))
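Review bot: The 4050 default on `qgs_port` is applied only by serde when the key is missing from the configuration file; if `SecurityInfo` also derives `Default` (the derive line is outside this hunk), `SecurityInfo::default().qgs_port` is 0 rather than 4050. The sandbox.rs hunk now copies the struct field into `TdxConfig` where the constant used to be, so a programmatically built or test configuration would hand the TDX device a port of 0 with no error until quote generation fails. No check on the new field is visible in either hunk; consider rejecting an unset value in `SecurityInfo`'s validation (the `impl SecurityInfo` body starts after this hunk) or giving the struct a `Default` that calls `default_qgs_port()`. The doc comment could also state the contract, e.g. `/// Must match the port the host QGS listens on; defaults to 4050 when omitted.`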