Description
Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel(R) Processors within VMX non-root (guest) operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (none) and availability (none) impacts.
Published: 2026-05-12
Score: 6.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Intel processors that support VMX non‑root guest execution can expose sensitive data owing to shared microarchitectural predictor state that influences transient execution. This vulnerability corresponds to CWE‑1423 (information disclosure via reliable channel) and CWE‑1037 (shared state leakage), indicating a flaw involving shared processor state. An local unprivileged attacker who authenticates to the host and compromises a guest VM can exploit this to read data that should remain confidential. The vulnerability delivers a high impact on confidentiality while having no effect on integrity or availability.

Affected Systems

All Intel CPUs that implement Intel Virtualization Technology (VT‑x) and expose guest operating systems running in VMX non‑root mode are potentially vulnerable. Because the description does not list specific models, any processor that is covered by Intel SA‑01420 should be considered.

Risk and Exploitability

The CVSS base score of 6.8 indicates moderate severity. The EPSS score is 0.00017, which is well below 1%, indicating a very low exploitation probability. The vulnerability is not yet listed in the CISA KEV catalog. Attacks require local host access, unprivileged guest processes, and high complexity, but they can be carried out without user interaction. Given the confidential nature of the data that can be exfiltrated, vigilance is warranted.

Generated by OpenCVE AI on May 30, 2026 at 01:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Intel firmware or microcode update that addresses the CWE‑1423 predictor state leakage for VMX guests.
  • If no firmware update is available, consider disabling Intel VT‑x (VMX) on the affected hosts to mitigate the CWE‑1423 vulnerability.
  • For hypervisor owners, isolate guest memory and apply hypervisor patches that mitigate transient execution and enforce best‑practice virtualization hardening measures, addressing the CWE‑1423 weakness.

Generated by OpenCVE AI on May 30, 2026 at 01:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 30 May 2026 00:15:00 +0000

Type Values Removed Values Added
Title Intel Processor Vulnerability Exposes Sensitive Data via Transient Execution in VMX Guest Mode kernel: Kernel: Information disclosure via shared microarchitectural predictor state in Intel(R) Processors
Weaknesses CWE-1037
References
Metrics threat_severity

None

 cvssV3_1

{'score': 5.6, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N'}

threat_severity

Moderate

Wed, 13 May 2026 11:00:00 +0000

Type Values Removed Values Added
First Time appeared Intel
Intel intel Processors
Vendors & Products Intel
Intel intel Processors

Tue, 12 May 2026 18:15:00 +0000

Type Values Removed Values Added
Title Intel Processor Vulnerability Exposes Sensitive Data via Transient Execution in VMX Guest Mode

Tue, 12 May 2026 16:45:00 +0000

Type Values Removed Values Added
Description Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel(R) Processors within VMX non-root (guest) operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (none) and availability (none) impacts.
Weaknesses CWE-1423
References
Metrics cvssV4_0

{'score': 6.8, 'vector': 'CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N'}

Subscriptions

Intel Intel Processors
cve-icon MITRE

Status: PUBLISHED

Assigner: intel

Published:

Updated: 2026-05-12T17:06:38.320Z

Reserved: 2025-04-15T21:20:16.409Z

Link: CVE-2025-35979

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-12T17:16:13.347

Modified: 2026-05-13T15:52:56.850

Link: CVE-2025-35979

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-05-12T16:35:09Z

Links: CVE-2025-35979 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-30T02:00:11Z

Weaknesses
  • CWE-1037

    Processor Optimization Removal or Modification of Security-critical Code

  • CWE-1423

    Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient Execution