Vulnerabilites related to AMD - Ryzen™ 7000 Series Desktop Processors with Radeon™ Graphics Formerly codenamed “Raphael”
CVE-2023-20596 (GCVE-0-2023-20596)
Vulnerability from cvelistv5
Published
2023-11-14 18:55
Modified
2024-08-02 09:05
Severity ?
EPSS score ?
Summary
Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7011 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ▼ | AMD | Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Formerly codenamed “Cezanne” AM4 |
Version: various |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:05:36.288Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7011", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Formerly codenamed “Cezanne” AM4", vendor: "AMD", versions: [ { status: "affected", version: "various ", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "Ryzen™ 7000 Series Desktop Processors with Radeon™ Graphics Formerly codenamed “Raphael”", vendor: "AMD", versions: [ { status: "affected", version: "various ", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "Ryzen™ 7000 Series Desktop Processors with Radeon™ Graphics Formerly codenamed “Raphael” X3D", vendor: "AMD", versions: [ { status: "affected", version: "various ", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne”", vendor: "AMD", versions: [ { status: "affected", version: "various ", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics \"Rembrandt\"", vendor: "AMD", versions: [ { status: "affected", version: "various ", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics “Rembrandt-R”", vendor: "AMD", versions: [ { status: "affected", version: "various ", }, ], }, { defaultStatus: "unaffected", packageName: "PI", platforms: [ "x86", ], product: "Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Formerly codenamed “Phoenix”", vendor: "AMD", versions: [ { status: "affected", version: "various ", }, ], }, ], datePublic: "2023-11-14T17:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.\n\n\n\n\n\n\n\n<br>", }, ], value: "Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.\n\n\n\n\n\n\n\n\n", }, ], providerMetadata: { dateUpdated: "2023-11-14T18:55:14.665Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7011", }, ], source: { advisory: "AMD-SB-7011", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2023-20596", datePublished: "2023-11-14T18:55:14.665Z", dateReserved: "2022-10-27T18:53:39.763Z", dateUpdated: "2024-08-02T09:05:36.288Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }