PT-2018-1001 · Microsoft+7 · Windows+11
Jann Horn
·
Published
2018-01-03
·
Updated
2025-12-10
·
CVE-2017-5753
CVSS v3.1
5.6
Medium
| Vector | AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Systems with microprocessors utilizing speculative execution and branch prediction (affected versions not specified)
Description
The issue is related to microprocessors utilizing speculative execution and branch prediction, which may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This can be used to read the content of memory across a trusted boundary, leading to information disclosure. Microsoft released several updates to help mitigate the vulnerability, preventing attackers from triggering a weakness in the CPU that could allow the contents of memory to be disclosed.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Information Disclosure
Side Channel Attack
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Centos
Edge
Ibm Aix
Internet Explorer
Sql Server
Windows
Red Hat
Suse
Ubuntu
Vmware Vcenter
Vmware Workstation