CVE Database · CVE-2018-5407
CVSS v3.1
4.7
EPSS
3.42%
Published
Nov 15, 2018
Modified
Nov 21, 2024
Public PoC / Exploit (2)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:NWeaknesses (CWE)
Affected Products (41)
References (20)