More than seven years after the original Spectre exploit sent shockwaves through the hardware world, researchers at ETH Zürich have uncovered yet another serious Intel CPU security flaw, and this one may affect every modern Intel processor in use today.
The newly discovered vulnerability, named Branch Privilege Injection (BPI), lets attackers exploit how Intel CPUs predict program behavior to gain unauthorized access to sensitive data. According to ETH Zürich’s Computer Security Group (COMSEC), malicious users can manipulate the branch prediction system and potentially access the memory or cache of privileged processes running on the same CPU.
Kaveh Razavi, head of COMSEC and co-author of the study, explained that this kind of attack could allow unprivileged users to read working memory or processor cache from high-privilege processes—opening the door to everything from data leakage to targeted espionage in shared environments.
Intel has acknowledged the issue and released microcode patches to mitigate it. The vulnerability has been assigned CVE-2024-45332, with a CVSS v4 severity score of 5.7, indicating moderate risk. In an advisory issued on May 13, Intel stated that the flaw stems from shared microarchitectural predictor states used during transient execution—a core element of Spectre-style attacks.
BPI Joins a Growing List of Spectre-Like Vulnerabilities Targeting Intel CPUs
The ETH disclosure comes hot on the heels of another set of dangerous vulnerabilities discovered by researchers from the Systems and Network Security Group (VUSec) at Vrije Universiteit Amsterdam. Their findings reveal self-training Spectre v2-style attacks—codenamed Training Solo—that no longer rely on traditional sandboxed environments to leak data across privilege boundaries.
According to the study, attackers can use speculative execution flaws to hijack control flow inside a kernel and siphon secrets from high-privilege processes, undermining kernel-level isolation and reviving once-mitigated Spectre attack vectors.
Two more CVEs have been assigned:
- CVE-2024-28956 (CVSS v4: 5.7): Affects Intel Core 9th–11th Gen and Intel Xeon 2nd–3rd Gen. Known as Indirect Target Selection (ITS).
- CVE-2025-24495 (CVSS v4: 6.8): Affects Intel CPUs built on the Lion Cove core architecture and involves issues in its Branch Prediction Unit (BPU).
The VUSec team claims these hardware-level flaws can leak kernel memory at speeds of up to 17 Kb/s, effectively breaking down boundaries between user processes, virtual machines, and even host operating systems.
While Intel has released microcode updates addressing both issues, AMD has updated its guidance around Spectre and Meltdown to specifically warn about risks associated with the classic Berkeley Packet Filter (cBPF), which may also expose systems to similar side-channel attacks.
As hardware vulnerabilities continue to resurface—even years after initial disclosure—it’s becoming increasingly clear that Spectre-era security risks are far from over. System administrators and security teams are once again urged to apply the latest firmware patches and revisit mitigation strategies.