Spectre haunts CPUs again: VMSCAPE vulnerability leaks cloud secrets
theregister.co.uk
If you thought the world was done with side-channel CPU attacks, think again. ETH Zurich has identified yet another Spectre-based transient execution vulnerability that affects AMD Zen CPUs and Intel Coffee Lake processors by breaking virtualization boundaries.
The attack, dubbed VMSCAPE (CVE-2025-40300), is said to be the first Spectre-based exploit that allows a malicious guest user in a cloud environment to leak secrets from the hypervisor in the host domain without code changes (injected return-oriented programming gadgets) and in the default configuration.
The technique is described in a paper [PDF] published on Thursday, "VMSCAPE: Exposing and Exploiting Incomplete Branch Predictor Isolation in Cloud Environments," by Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi. The paper is set to be presented at the 47th IEEE Symposium on Security and Privacy.
Cloud computing depends upon virtualization to securely partition physical computing resources into virtual ones, managed by a hypervisor. VMSCAPE targets the ...