Speculative Execution Vulnerability in Intel Processors Affects Multiple Vendors
CVE-2018-3640
5.6MEDIUM
Summary
This vulnerability affects microprocessors using speculative execution and enables attackers with local user access to exploit speculative reads of system registers. By employing side-channel analysis techniques, sensitive system parameters may be disclosed, leading to potential security breaches. The issue, identified as Rogue System Register Read (RSRE), requires awareness and prompt mitigation efforts from users and administrators to protect against unauthorized information disclosure.
Affected Version(s)
Multiple Multiple
References
CVSS V3.1
Score:
5.6
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved