Page 2 of 12 results (0.010 seconds)

CVSS: 7.2EPSS: 0%CPEs: 758EXPL: 0

Memory corruption in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 6.x / 7.x / 8.x / 9.x / 10.x / 11.0 / 11.5 / 11.6 / 11.7 / 11.10 / 11.20 could be triggered by an attacker with local administrator permission on the system. Corrupción de memoria en Intel Active Management Technology en Intel Converged Security Manageability Engine con versiones de firmware 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, 11.5, 11.6, 11.7, 11.10 y 11.20 podría ser provocada por un atacante con permisos de administrador locales en el sistema. • http://www.securitytracker.com/id/1041362 https://security.netapp.com/advisory/ntap-20190327-0001 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03868en_us https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00112.html • CWE-787: Out-of-bounds Write •

CVSS: 5.6EPSS: 0%CPEs: 500EXPL: 0

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a. Los sistemas con microprocesadores que emplean la ejecución especulativa y que realizan lecturas especulativas de registros del sistema podrían permitir la divulgación no autorizada de parámetros del sistema a un atacante con acceso de usuario local mediante un análisis de canal lateral. Esto también se conoce como Rogue System Register Read (RSRE), Variant 3a. • http://support.lenovo.com/us/en/solutions/LEN-22133 http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html http://www.securityfocus.com/bid/104228 http://www.securitytracker.com/id/1040949 http://www.securitytracker.com/id/1042004 https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability https:&#x • CWE-203: Observable Discrepancy •

CVSS: 5.6EPSS: 0%CPEs: 665EXPL: 5

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. Los sistemas con microprocesadores que emplean la ejecución especulativa y que realizan la ejecución especulativa de lecturas de memoria antes de que se conozcan las direcciones de todas las anteriores escrituras de memoria podrían permitir la divulgación no autorizada de información a un atacante con acceso de usuario local mediante un análisis de canal lateral. Esto también se conoce como Speculative Store Bypass (SSB), Variant 4. An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). • https://www.exploit-db.com/exploits/44695 https://github.com/mmxsrup/CVE-2018-3639 https://github.com/Shuiliusheng/CVE-2018-3639-specter-v4- https://github.com/malindarathnayake/Intel-CVE-2018-3639-Mitigation_RegistryUpdate http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html http://support.lenovo.com/us/en/solutions/LEN-2213 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •

CVSS: 5.6EPSS: 0%CPEs: 1065EXPL: 1

Systems with microprocessors utilizing speculative execution may allow unauthorized disclosure of information to an attacker with local user access via a side-channel attack on the directional branch predictor, as demonstrated by a pattern history table (PHT), aka BranchScope. Los sistemas con microprocesadores que utilizan ejecución especulativa podrían permitir la revelación de información no autorizada a un atacante con acceso de usuario local mediante un ataque de canal lateral en el predictor de saltos direccional, como se ha demostrado por una tabla de historial de patrones (PHT), también conocido como BranchScope. • http://www.cs.ucr.edu/~nael/pubs/asplos18.pdf https://arstechnica.com/gadgets/2018/03/its-not-just-spectre-researchers-reveal-more-branch-prediction-attacks • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.6EPSS: 97%CPEs: 1090EXPL: 3

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. Los sistemas con microprocesadores con ejecución especulativa y predicción indirecta de ramas podrían permitir la revelación no autorizada de información al atacante con acceso de usuario local mediante un análisis de un canal lateral. An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. • https://www.exploit-db.com/exploits/43427 https://github.com/GalloLuigi/Analisi-CVE-2017-5715 http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html http://lists.opensuse.org/opensuse& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •