A software-based fault-injection attack that exploits dynamic random-access memory disturbance errors via user-space applications and allows the at­tacker to infer information about certain victim secrets stored in memory cells. Mounting this attack requires the attacker to control a user-space unprivileged process that runs on the same machine as the victim’s machine learning model.

Source: NIST AI 100-2e2025 | Category: