Information Disclosure Vulnerability in Intel Processors
CVE-2025-35979

6.8MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Processors
Vendor: CVE Published:; 12 May 2026

What is CVE-2025-35979?

This vulnerability arises from the exposure of sensitive information due to shared microarchitectural predictor state in certain Intel processors when operating in VMX non-root mode. An adversary with local access and authenticated user privileges can exploit this flaw through a complex attack, potentially leading to unauthorized data exposure. The attack does not require specialized internal knowledge and occurs without user interaction, posing a risk to the confidentiality of sensitive information managed by the vulnerable system.

Affected Version(s)

Intel(R) Processors See references

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2026
Vulnerability Reserved
Apr 15, 2025

CVE-2025-35979 Data

JSON