Side-Channel Attack Vulnerability in Microprocessors by Unknown Vendor
CVE-2018-9056

5.6MEDIUM

Key Information:

Vendor
Intel
Status
Vendor
CVE Published:
27 March 2018

Summary

This vulnerability affects microprocessors that utilize speculative execution, enabling unauthorized information disclosure to attackers with local user access. Through the exploitation of the directional branch predictor, specifically the pattern history table (PHT), unauthorized users can gain access to sensitive information via side-channel attacks. This exploit demonstrates the potential risks inherent in modern microprocessor design and highlights the need for enhanced security measures.

References

CVSS V3.1

Score:
5.6
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.