This vulnerability in OpenXiangShan NEMU involves improper enforcement of Smstateen permissions, permitting lower-privileged code to read IMSIC state through the stopei and vstopei control and status registers despite the mstateen0.IMSIC permission being disabled. The issue could allow unauthorized access to sensitive interrupt controller state information or interfere with interrupt processing, violating privilege boundaries. The CVSS 3.1 base score is 6.5 (medium severity) with network attack vector, low attack complexity, requiring low privileges, no user interaction, unchanged scope, high confidentiality impact, and no integrity or availability impact. No patch or official remediation guidance is currently available, and no known exploits have been reported in the wild.

The vulnerability allows unauthorized lower-privileged code to access IMSIC state information that should be protected, potentially causing information leakage across privilege boundaries or disruption of interrupt handling. The confidentiality impact is high, but integrity and availability are not affected. This could undermine system security by exposing sensitive interrupt controller state.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, monitor vendor communications for updates. No specific mitigations or workarounds are documented at this time.