Speculative Execution Vulnerability in Intel Software Guard Extensions
CVE-2018-3615
6.4MEDIUM
Summary
This vulnerability arises in systems using Intel Software Guard Extensions (SGX) where speculative execution might allow an attacker with local user access to exploit side-channel methods. By analyzing the L1 data cache, the attacker could potentially gain unauthorized access to sensitive information stored within an enclave, posing serious security risks to affected systems.
Affected Version(s)
Multiple Multiple
References
CVSS V3.1
Score:
6.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved