CVE-2024-45332

low-risk

Published 2025-05-13

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Do I need to act?

0.10% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.6/10 Medium

LOCAL / HIGH complexity

References (4)

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01247.html

http://www.openwall.com/lists/oss-security/2025/05/13/7

https://comsec.ethz.ch/research/microarch/branch-privilege-injection/

https://lists.debian.org/debian-lts-announce/2025/05/msg00021.html

/ 100

low-risk

Severity 15/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal