{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-43420","assignerOrgId":"6dda929c-bb53-4a77-a76d-48e79601a1ce","state":"PUBLISHED","assignerShortName":"intel","dateReserved":"2024-09-19T03:00:23.071Z","datePublished":"2025-05-13T21:03:09.384Z","dateUpdated":"2025-11-03T19:30:40.396Z"},"containers":{"cna":{"providerMetadata":{"orgId":"6dda929c-bb53-4a77-a76d-48e79601a1ce","shortName":"intel","dateUpdated":"2025-05-13T21:03:09.384Z"},"problemTypes":[{"descriptions":[{"lang":"en","description":"Information Disclosure"},{"lang":"en","description":"Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient Execution","cweId":"CWE-1423","type":"CWE"}]}],"affected":[{"vendor":"n/a","product":"Intel Atom(R) processors","versions":[{"version":"See references","status":"affected"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Atom(R) processors may allow an authenticated user to potentially enable information disclosure via local access."}],"references":[{"name":"https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01247.html","url":"https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01247.html"}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV3_1":{"version":"3.1","baseScore":5.6,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"cvssV4_0":{"version":"4.0","baseScore":5.7,"baseSeverity":"MEDIUM","vectorString":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N","attackVector":"LOCAL","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE"}}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-05-14T13:59:10.424631Z","id":"CVE-2024-43420","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-05-14T14:01:31.886Z"}},{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/05/msg00021.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T19:30:40.396Z"}}]}}