CVE-2025-24495

Published May 13, 2025

Last updated 5 days ago

CVSS medium 6.8
Intel Core Ultra Processors

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-24495 involves an incorrect initialization of resources within the branch prediction unit of certain Intel Core Ultra Processors. This vulnerability could allow a user with local access and authentication to potentially enable information disclosure. The vulnerability stems from improper handling during the initialization phase, which can be exploited by an authenticated user. Successful exploitation could lead to the disclosure of sensitive information.

Description
Incorrect initialization of resource in the branch prediction unit for some Intel(R) Core™ Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access.
Source
secure@intel.com
NVD status
Awaiting Analysis

Risk scores

CVSS 4.0

Type
Secondary
Base score
6.8
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
MEDIUM

CVSS 3.1

Type
Secondary
Base score
5.6
Impact score
4
Exploitability score
1.1
Vector string
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Severity
MEDIUM

Social media

Hype score
Not currently trending

  1. Researchers discovered Intel CPU flaws CVE-2024-28956 and CVE-2025-24495 that leak kernel memory and revive Spectre v2 attacks. Patches are available but the risk spans many modern processors. #IntelSecurity #CPUFlaws #SpectreV2 #MemoryLeak #CyberThreats #DataProtection https://t

    @CloneSystemsInc

    16 May 2025

    49 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 💻 Spectre Isn’t Dead. It’s Mutating! New CPU flaw hits ALL modern Intel chips. 🛠 Researchers at ETH Zurich and VUSec uncovered Spectre-style Intel CPU flaws (CVE-2024-45332, CVE-2024-28956, CVE-2025-24495) that leak memory across users, guests, and ... https://t.co/FnN

    @IT_news_for_all

    16 May 2025

    55 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 💻 Spectre Isn’t Dead. It’s Mutating! New CPU flaw hits ALL modern Intel chips. 🛠 Researchers at ETH Zurich and VUSec uncovered Spectre-style Intel CPU flaws (CVE-2024-45332, CVE-2024-28956, CVE-2025-24495) that leak memory across users, guests, and hosts—at rates up

    @TheHackersNews

    16 May 2025

    17623 Impressions

    60 Retweets

    107 Likes

    20 Bookmarks

    1 Reply

    5 Quotes

References

Sources include official advisories and independent security research.