CVE-2024-45332

medium

Description

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

References

References
More

https://www.securityweek.com/chipmaker-patch-tuesday-intel-amd-arm-respond-to-new-cpu-attacks/

https://www.theregister.com/2025/05/13/intel_spectre_race_condition/

https://www.bleepingcomputer.com/news/security/new-intel-cpu-flaws-leak-sensitive-data-from-privileged-memory/

https://cloud.google.com/support/bulletins/index#gcp-2025-025

https://comsec.ethz.ch/research/microarch/branch-privilege-injection/

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01247.html

http://www.openwall.com/lists/oss-security/2025/05/13/7

Details

Source: Mitre, NVD

Published: 2025-05-13

Updated: 2025-05-14

Named Vulnerability: Branch Privilege Injection

Risk Information

CVSS v2

Base Score: 3.8

Vector: CVSS2#AV:L/AC:H/Au:S/C:C/I:N/A:N

Severity: Low

CVSS v3

Base Score: 5.6

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

Severity: Medium

CVSS v4

Base Score: 5.7

Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Severity: Medium

EPSS

EPSS: 0.00012