...
Spectre V1 has been demonstrated to bypass protections provided by Intel SGX. Intel has updated the SGX SDK to mitigate these vulnerabilities when the SGX enclaves are rebuilt.
https://software.intel.com/sites/default/files/managed/e1/ec/SGX_SDK_Developer_Guidance-CVE-2017-5753.pdf
Spectre V1 has also been demonstrated to access bypass protections provided by the System Management Range Register (SMRR) to access protected System Management Mode (SMM) memory.
https://blog.eclypsium.com/2018/05/17/system-management-mode-speculative-execution-attacks/
Spectre V1 has also been demonstrated vulnerable to attacks directly over the network can be exploited over network connections rather than through local code execution of remotely delivered code such as JavaScript. This remote attack is known as NetSpectre.
https://misc0110.net/web/files/netspectre.pdf
...