Security researchers have discovered a generic remote Spectre variant 1 attack dubbed NetSpectre that can be carried out over the network.
The researchers and academics from the Graz University of Technology in Austria published details on NetSpectre in a research paper named “NetSpectre: Read Arbitrary Memory over Network.”
The NetSpectre attack is also related to the Spectre v1 vulnerability (CVE-2017-5753).
An excerpt of NetSpectre from the research paper:
“NetSpectre marks a paradigm shift from local attacks, to remote attacks, exposing a much wider range and larger number of devices to Spectre attacks. Spectre attacks now must also be considered on devices which do not run any potentially attacker-controlled code at all. We show that especially in this remote scenario, attacks based on weaker gadgets which do not leak actual data, are still very powerful to break address-space layout randomization remotely. Several of the Spectre gadgets we discuss are more versatile than anticipated.”
The research also highlights some of the challenges for future research on Spectre attacks and Spectre mitigations.