CVSS Score v3.1
5.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
EPSS Score
0.0023
45.8th percentile
Risk Priority
11
60% EPSS · 20% KEV · 20% CVSS
Summary
CVE-2022-23960 is a medium-severity an unspecified weakness vulnerability in Arm Cortex-A57 . Its CVSS base score is 5.6 (Medium).
Operationally, ranked at the 45.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
Vulnerability
Related Threats
Affected Assets
Mitigating Controls
Vulnerability details
Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the…
more attacker to obtain sensitive information.
CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
arm
cortex-r7 firmware
all versions
arm
cortex-r8 firmware
all versions
arm
cortex-a57 firmware
all versions
arm
cortex-a65 firmware
all versions
arm
cortex-a65ae firmware
all versions
arm
cortex-a710 firmware
all versions
arm
cortex-a72 firmware
all versions
arm
cortex-a73 firmware
all versions
arm
cortex-a75 firmware
all versions
+12 more product configuration(s) — see NVD for full list
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
References
Mailing List, Patch, Third Party Advisory · cve@mitre.org
Vendor Advisory · cve@mitre.org
Mitigation, Patch, Vendor Advisory · cve@mitre.org
Mailing List, Third Party Advisory · cve@mitre.org
Third Party Advisory · cve@mitre.org
Mailing List, Patch, Third Party Advisory · af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory · af854a3a-2127-422b-91ae-364da2661108
Mitigation, Patch, Vendor Advisory · af854a3a-2127-422b-91ae-364da2661108
Mailing List, Third Party Advisory · af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory · af854a3a-2127-422b-91ae-364da2661108