IM
IronMonkey Threat Research

CVE-2024-28956 MEDIUM

Published: 2025-05-13 | Last Modified: 2026-07-14 | Status: Deferred

Description

Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Additional Descriptions (1)

La exposición de información confidencial en Shared Microarchitectural Structures durante la ejecución transitoria de algunos procesadores Intel® puede permitir que un usuario autenticado habilite potencialmente la divulgación de información a través del acceso local.

CVSS Metrics

Base Score: 5.6 (MEDIUM)

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

Attack VectorLOCAL
Attack ComplexityHIGH
Privileges RequiredLOW
User InteractionNONE
ScopeCHANGED
Confidentiality ImpactHIGH
Integrity ImpactNONE
Availability ImpactNONE

Source: [email protected]

Type: Secondary

Exploitability Score: 1.1

Impact Score: 4.0

Base Score: 5.7 (MEDIUM)

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack VectorLOCAL
Attack ComplexityHIGH
Attack RequirementsPRESENT
Privileges RequiredLOW
User InteractionNONE
Vulnerability ConfidentialityHIGH
Vulnerability IntegrityNONE
Vulnerability AvailabilityNONE
Subsequent ConfidentialityNONE
Subsequent IntegrityNONE
Subsequent AvailabilityNONE

Source: [email protected]

Type: Secondary

Notification
Message here