Information Disclosure Vulnerability in Intel Processors
CVE-2018-3620
5.6MEDIUM
Summary
This vulnerability arises from how systems with microprocessors utilizing speculative execution and address translations can inadvertently allow an attacker with local user access to disclose sensitive information. By exploiting a terminal page fault alongside side-channel analysis tactics, unauthorized users may be able to gain access to confidential data stored in the L1 data cache. This poses a significant risk for systems utilizing affected Intel processors, necessitating immediate attention and mitigation actions to safeguard sensitive information.
Affected Version(s)
Multiple Multiple
References
CVSS V3.1
Score:
5.6
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved