Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the access control for each such interface in Xen.
Threat-Mapped Scoring
Score: 3.0
Priority: P2 - Serious (High)
S1 – Steal Customer Account Information
EPSS
Score: 0.00067Percentile:
0.21016
CVSS Scoring
CVSS v3.1 Score: 4.4
Severity: MEDIUM
Mapped CWE(s)
CWE-862
: Missing Authorization
All CAPEC(s)
CAPEC-665 : Exploitation of Thunderbolt Protection Flaws
CAPEC(s) with Mapped TTPs
CAPEC-665 : Exploitation of Thunderbolt Protection Flaws
Mapped TTPs:
T1211
: Exploitation for Defense Evasion
T1542.002
: Component Firmware
T1556
: Modify Authentication Process
Mapped ATT&CK TTPs
T1211
: Exploitation for Defense Evasion
Kill Chain: defense-evasion
T1542.002
: Component Firmware
Kill Chain: persistence
T1556
: Modify Authentication Process
Kill Chain: credential-access
Malware
APTs Threat Group Associations
Campaigns
Affected Products
cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
← Back to Home
BrownCoat Threat Intelligence Platform | 2025 Steve Gray — You Can’t Take the Sky from Me