Attacker Value
Very Low
(1 user assessed)
Exploitability
Very Low
(1 user assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

Intel CPU Memory Mapping Local Information Leak: 'Spoiler'

Disclosure Date: April 17, 2019
CVE-2019-0162
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Memory access in virtual memory mapping for some microprocessors may allow an authenticated user to potentially enable information disclosure via local access.

Add Assessment

1
Ratings
  • Attacker Value
    Very Low
  • Exploitability
    Very Low
Common in enterpriseNo useful accessRequires physical access
Technical Analysis

Another in the long line of speculative side-channel attacks, this increases the effectiveness of existing attacks, but is also disabled by similar mitigations. Unlikely to be used in any practical way by an attacker, there are many more sources of low-hanging fruit.

Log in to Add Reply
CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
Microprocessor Memory Mapping Advisory Some Microprocessors with Virtual Memory Mapping.
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • intel

Products

  • - -

Additional Info

Authenticated
Always
Exploitable
Always
Reliability
Very Weak
Stability
Very Weak
Available Mitigations
Unknown
Shelf Life
Very Long
Userbase/Installbase
Very Large
Patch Effectiveness
Unknown
Technical Analysis