all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Downfall and Zenbleed vulnerabilities

Add to bookmarks
Oct. 10, 2023, 7 a.m. |

FortiGuard Labs | FortiGuard Center - IR Advisories fortiguard.fortinet.com

Two side channel hardware vulnerabilities named Downfall (CVE-2022-40982) and Zenbleed (CVE-2023-20593) impact Intel and AMD processors.
"Downfall attacks target a critical weakness found in billions of modern processors used in personal and cloud computers. This vulnerability, identified as CVE-2022-40982, enables a user to access and steal data from other users who share the same computer. For instance, a malicious app obtained from an app store could use the Downfall attack to steal sensitive information like passwords, encryption keys, and private …

access amd attacks channel cloud computer computers critical cve cve-2023-20593 data downfall found hardware hardware vulnerabilities impact intel personal processors share steal target vulnerabilities vulnerability weakness zenbleed

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - IR Advisories

FortiAuthenticator - Open Redirect on /portal/disclaimer 2 days, 21 hours ago | fortiguard.fortinet.com
attacker cwe disclaimer may +8
Exposure of password hashes to read-only admin 2 days, 21 hours ago | fortiguard.fortinet.com
admin control cwe data +11
Double free with double usage of json_object_put 2 days, 21 hours ago | fortiguard.fortinet.com
attacker code commands cwe +9
Format String Bug in cli command 2 days, 21 hours ago | fortiguard.fortinet.com
amp arbitrary code arbitrary code execution attacker +19
Client IP relies on X-Forwarded-For and other headers 2 days, 21 hours ago | fortiguard.fortinet.com
attack bypass client cwe +10
Buffer overflow in administrative interface 2 days, 21 hours ago | fortiguard.fortinet.com
arbitrary code attacker buffer buffer overflow +13
Code injection in playbook code snippet step 2 days, 21 hours ago | fortiguard.fortinet.com
arbitrary code attacker code code injection +7
Client-side enforcement of server-side security related to customer reports features 2 days, 21 hours ago | fortiguard.fortinet.com
access account attacker client +16
HTTP/2 CONTINUATION Frames Vulnerability 2 days, 21 hours ago | fortiguard.fortinet.com
attack can connection crash +14

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Brand Experience and Development Associate (Libby's Pumpkin)

@ Nestlé | Arlington, VA, US, 22209
View on infosec-jobs.com

Cybersecurity Analyst

@ L&T Technology Services | Milpitas, CA, US
View on infosec-jobs.com

Information Security Analyst

@ Fortinet | Burnaby, BC, Canada
View on infosec-jobs.com