Details of VAR-202505-1674

ID

VAR-202505-1674

CVE

CVE-2024-45332

TITLE

Intel Processors Information Disclosure Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2025-21314

DESCRIPTION

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Intel Processors are a family of processors manufactured by Intel Corporation, covering a wide range of applications, including laptops, desktops, workstations, and servers, offering performance support from basic to professional levels. An information disclosure vulnerability exists in Intel Processors. An attacker could exploit this vulnerability to cause local information disclosure

Trust: 1.44

sources: NVD: CVE-2024-45332 // CNVD: CNVD-2025-21314

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-21314

AFFECTED PRODUCTS

vendor:

intel

model:

processors

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2025-21314

CVSS

SEVERITY

CVSSV2

CVSSV3

secure@intel.com:	CVE-2024-45332
value:	MEDIUM
Trust: 1.0
CNVD:	CNVD-2025-21314
value:	LOW
Trust: 0.6

CNVD:	CNVD-2025-21314
severity:	LOW
baseScore:	3.8
vectorString:	AV:L/AC:H/AU:S/C:C/I:N/A:N
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

secure@intel.com:	CVE-2024-45332
baseSeverity:	MEDIUM
baseScore:	5.6
vectorString:	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.1
impactScore:	4.0
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2025-21314 // NVD: CVE-2024-45332

PATCH

title:

Patch for Intel Processors Information Disclosure Vulnerability

url:

https://www.cnvd.org.cn/patchInfo/show/732326

Trust: 0.6

sources: CNVD: CNVD-2025-21314

EXTERNAL IDS

db:	NVD	id:	CVE-2024-45332	Trust: 1.6
db:	OPENWALL	id:	OSS-SECURITY/2025/05/13/7	Trust: 1.6
db:	CNVD	id:	CNVD-2025-21314	Trust: 0.6

sources: CNVD: CNVD-2025-21314 // NVD: CVE-2024-45332

REFERENCES

url:	http://www.openwall.com/lists/oss-security/2025/05/13/7	Trust: 1.6
url:	https://comsec.ethz.ch/research/microarch/branch-privilege-injection/	Trust: 1.0
url:	https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01247.html	Trust: 1.0

sources: CNVD: CNVD-2025-21314 // NVD: CVE-2024-45332

SOURCES

db:	CNVD	id:	CNVD-2025-21314
db:	NVD	id:	CVE-2024-45332

LAST UPDATE DATE

2025-09-19T23:23:50.035000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-21314	date:	2025-09-16T00:00:00
db:	NVD	id:	CVE-2024-45332	date:	2025-05-16T14:43:56.797

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-21314	date:	2025-09-16T00:00:00
db:	NVD	id:	CVE-2024-45332	date:	2025-05-13T21:16:01.230