Cyber Resilience

CVE-2017-5753

MediumPublic PoCUpdated

Published: 04 January 2018

Published
04 January 2018
Modified
28 May 2026
KEV Added
Patch
CVSS Score v3.1 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
EPSS Score 0.9384 99.8th percentile
Risk Priority 80 floored blend · peak EPSS

Summary

CVE-2017-5753 is a medium-severity Observable Discrepancy (CWE-203) vulnerability in Vmware Esxi. Its CVSS base score is 5.6 (Medium).

Operationally, ranked in the top 0.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

EU & UK References

Vulnerability details

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

CWE(s)

Related Threats

CVEs Like This One

CVE-2014-6271Same product: Canonical Ubuntu Linux
CVE-2025-22226Same product: Vmware Esxi
CVE-2025-22224Same product: Vmware Esxi
CVE-2025-22225Same product: Vmware Esxi
CVE-2023-43029Same product class: hypervisor / virtualization
CVE-2017-5754Same product: Intel Atom C
CVE-2025-21510Same vendor: Oracle
CVE-2024-43095Shared CWE-203
CVE-2025-27667Shared CWE-203
CVE-2025-1468Shared CWE-203

Affected Assets

intel
atom c
c2308, c2316, c2338, c2350, c2358
intel
atom e
e3805, e3815, e3825, e3826, e3827
intel
atom x3
c3130, c3200rk, c3205rk, c3230rk, c3235rk
intel
atom x5-e3930
all versions
intel
atom x5-e3940
all versions
intel
atom x7-e3950
all versions
intel
atom z
z2420, z2460, z2480, z2520, z2560
intel
celeron j
j1750, j1800, j1850, j1900, j3060
intel
celeron n
n2805, n2806, n2807, n2808, n2810
intel
core i3
2100, 2100t, 2102, 2105, 2115c
+298 more product configuration(s) — see NVD for full list

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-203

Misdirection can normalize or falsify responses to eliminate observable discrepancies that aid reconnaissance.

addresses: CWE-203

Observable discrepancies in system behavior can be modulated to create covert storage or timing channels; the required analysis detects and constrains such avenues.

addresses: CWE-203

Prevents attackers from using observable differences in error responses to infer internal system details or state.

References