Information Disclosure Vulnerability in Microprocessors by Intel
CVE-2018-3646
5.6MEDIUM
Summary
This vulnerability arises from the architecture of Intel microprocessors, where speculative execution and address translations can potentially allow unauthorized users with local access to gain sensitive data from the L1 data cache. Attackers could exploit this flaw through techniques like terminal page faults and side-channel analysis, posing a significant risk to systems reliant on these processors, particularly in environments with multi-tenant architectures.
Affected Version(s)
Multiple Multiple
References
EPSS Score
5% chance of being exploited in the next 30 days.
CVSS V3.1
Score:
5.6
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved