NetSpectre Attack Could Enable Remote CPU Exploitation

261

Researchers from Graz University in Austria released new research on July 26 detailing how the Spectre CPU speculative execution vulnerability could be used over a remote network.

In a 14-page report, the researchers dubbed their attack method NetSpectre, which can enable an attacker to read arbitrary memory over a network. Spectre is the name that researchers have given to a class of vulnerabilities that enable attackers to exploit the speculative execution feature in modern CPUs. Spectre and the related Meltdown CPU vulnerabilities were first publicly disclosed on Jan. 3.

“Spectre attacks require some form of local code execution on the target system,” the Graz University researchers wrote. “Hence, systems where an attacker cannot run any code at all were, until now, thought to be safe.”

Read more at eWeek