Lucene search

K
cveIntelCVE-2023-28746
HistoryMar 14, 2024 - 5:15 p.m.

CVE-2023-28746

2024-03-1417:15:50
CWE-1342
intel
web.nvd.nist.gov
147
20
cve-2023-28746
information exposure
microarchitectural state
transient execution
intel atom processors
authenticated user
information disclosure
local access

CVSS3

6.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

AI Score

8.3

Confidence

Low

EPSS

0

Percentile

10.3%

Information exposure through microarchitectural state after transient execution from some register files for some Intelยฎ Atomยฎ Processors may allow an authenticated user to potentially enable information disclosure via local access.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) Atom(R) Processors",
    "versions": [
      {
        "version": "See references",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Social References

More

CVSS3

6.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

AI Score

8.3

Confidence

Low

EPSS

0

Percentile

10.3%