Speculative Execution Vulnerability in Intel Software Guard Extensions
CVE-2018-3615

6.4MEDIUM

Key Information:

Vendor
Intel
Status
Vendor
CVE Published:
14 August 2018

Summary

This vulnerability arises in systems using Intel Software Guard Extensions (SGX) where speculative execution might allow an attacker with local user access to exploit side-channel methods. By analyzing the L1 data cache, the attacker could potentially gain unauthorized access to sensitive information stored within an enclave, posing serious security risks to affected systems.

Affected Version(s)

Multiple Multiple

References

CVSS V3.1

Score:
6.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.