{"vulnerability": "cve-2023-2059", "sightings": [{"uuid": "b9ba426b-1612-421d-b94a-e43dc459d43b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20599", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114660344390922177", "content": "", "creation_timestamp": "2025-06-10T17:53:29.547507Z"}, {"uuid": "d5e81b0f-e517-4178-9746-afe61dac36e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20593", "type": "seen", "source": "https://t.me/habr_com_news/19994", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Google \u0422\u044d\u0432\u0438\u0441 \u041e\u0440\u043c\u0430\u043d\u0434\u0438 \u0432\u044b\u044f\u0432\u0438\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-20593 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u0445 AMD Zen2. 
\u0415\u0451 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0433\u043e \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u043e\u0432 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432 \u043d\u0430 \u0442\u043e\u043c \u0436\u0435 \u044f\u0434\u0440\u0435 CPU.\n\n#\u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c", "creation_timestamp": "2023-08-28T13:29:19.000000Z"}, {"uuid": "761a473f-98c2-465a-a255-c3591ad0d568", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20593", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4840", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aA zenbleed (CVE-2023-20593) POC for windows\nURL\uff1ahttps://github.com/w1redch4d/windowz2-bleed\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-01T04:44:02.000000Z"}, {"uuid": "f0a6b9c8-6118-43f2-90c3-88a250966d1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20597", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19790", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-20597\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.\n\ud83d\udccf Published: 
2023-09-20T17:32:18.969Z\n\ud83d\udccf Modified: 2025-06-27T21:45:52.386Z\n\ud83d\udd17 References:\n1. https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4007", "creation_timestamp": "2025-06-27T21:55:01.000000Z"}, {"uuid": "7762ed19-7170-401b-9a44-170aa65e003b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20594", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19793", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-20594\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.\n\ud83d\udccf Published: 2023-09-20T17:27:59.742Z\n\ud83d\udccf Modified: 2025-06-27T21:41:58.197Z\n\ud83d\udd17 References:\n1. https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4007", "creation_timestamp": "2025-06-27T21:55:04.000000Z"}, {"uuid": "6b8221e3-7d87-45dc-a138-5d73fa11df68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20599", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17933", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-20599\n\ud83d\udd25 CVSS Score: 7.9 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N)\n\ud83d\udd39 Description: Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP\u2019s Crypto Co-Processor (CCP) registers from x86, resulting in potential loss of control of cryptographic key pointer/index, leading to loss of integrity or confidentiality.\n\ud83d\udccf Published: 2025-06-10T16:15:03.641Z\n\ud83d\udccf Modified: 2025-06-10T16:15:03.641Z\n\ud83d\udd17 References:\n1. 
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7039.html", "creation_timestamp": "2025-06-10T16:32:01.000000Z"}, {"uuid": "5817b7f2-01a7-4a33-817d-426b4434212c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20598", "type": "published-proof-of-concept", "source": "https://t.me/ptescalator/438", "content": "OldGremlin with old tricks\n\nOldGremlin \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430 \u043a\u0430\u043a \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \ud83d\ude2d. \u0414\u043b\u044f \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0440\u0430\u0431\u043e\u0442\u044b \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043e\u0432 (\u0434\u0430 \u0438 \u043b\u044e\u0431\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c) \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 TinyKiller, \u0441\u043e\u0441\u0442\u043e\u044f\u0449\u0438\u0439 \u0438\u0437 \u0442\u0440\u0435\u0445 \u0444\u0430\u0439\u043b\u043e\u0432:\n\n\ud83d\udc3e patcher_pdfw.exe \u2014 \u043f\u0430\u0442\u0447\u0435\u0440 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 avkd.sys;\n\ud83d\udc3e avkd.sys \u2014 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0434\u0440\u0430\u0439\u0432\u0435\u0440;\n\ud83d\udc3e PdFwKrnl.sys \u2014 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u0439 \u0434\u0440\u0430\u0439\u0432\u0435\u0440 AMD Radeon Driver, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f \u0438 \u0437\u0430\u043f\u0438\u0441\u0438.\n\n\u041f\u0430\u0442\u0447\u0435\u0440 \u043d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-20598 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 AMD \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0441\u0432\u043e\u0435\u0433\u043e \u043d\u0435\u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u043d\u043e\u0433\u043e \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \ud83d\ude09. \u0414\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0441\u0442\u0430\u0440\u044b\u0439 \u0442\u0440\u044e\u043a \u2014 \u043e\u0431\u0445\u043e\u0434 \u0437\u0430\u0449\u0438\u0442\u044b Driver Signature Enforcement (DSE), \u0432\u044b\u043a\u043b\u044e\u0447\u0430\u044f \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0439 \u0444\u043b\u0430\u0433. \u0412 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Windows 8 \u0434\u043e 9600 \u0431\u0438\u043b\u0434\u0430 \u044d\u0442\u043e\u0442 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 \u043d\u0430\u0437\u044b\u0432\u0430\u043b\u0441\u044f nt!g_CiEnabled \u0438 \u043d\u0430\u0445\u043e\u0434\u0438\u043b\u0441\u044f \u0432 ntoskrnl.exe. 
\u0412 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u0437\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u043e\u0442\u0432\u0435\u0447\u0430\u043b \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0439 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 CI!g_CiOptions \u0438\u0437 CI.dll.\n\n\u041f\u0440\u043e\u0446\u0435\u0441\u0441 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0430\u0434\u0440\u0435\u0441\u0430 \u044d\u0442\u043e\u0433\u043e \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0442\u0440\u0443\u0434\u043e\u0435\u043c\u043e\u043a \ud83d\ude2b \u0438 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043e\u043f\u0438\u0441\u0430\u043d \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u044d\u0442\u043e\u0439 \u0441\u0442\u0430\u0442\u044c\u0438. \u041f\u043e\u043b\u0443\u0447\u0438\u0432 \u0430\u0434\u0440\u0435\u0441 \u0444\u043b\u0430\u0433\u0430, \u043f\u0430\u0442\u0447\u0435\u0440 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u0434\u0440\u0430\u0439\u0432\u0435\u0440.\n\n\u0415\u0441\u043b\u0438 \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439, \u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f \u0438 \u0437\u0430\u043f\u0438\u0441\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f ioctl 0x80002014, 0x80002020, 0x80002028 \u0438 0x8000202C \ud83d\ude28. 
\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043f\u0435\u0440\u0432\u044b\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u0438 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u043f\u0430\u043a\u0435\u0442 \u0434\u043b\u044f \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0443:\n\n  BytesReturned = 0;\n  v5 = Msg;\n  for ( i = 0xCi64; i; --i )\n    *v5++ = 0;\n  *(_QWORD *)&Msg[0x18] = address;\n  *(_DWORD *)&Msg[0x28] = size; // eq 4\n  *(_QWORD *)&Msg[0x10] = output; \n  return DeviceIoControl(hDevice, 0x80002014, Msg, 0x30u, Msg, 0x30u, &BytesReturned, 0i64);\n\n\n\u0417\u0434\u0435\u0441\u044c address \u2014 \u044d\u0442\u043e \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0439 \u0440\u0430\u043d\u0435\u0435 offset \u0444\u043b\u0430\u0433\u0430. \u0412\u043d\u0443\u0442\u0440\u0438 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u044d\u0442\u043e \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u043f\u043e\u043f\u0430\u0434\u0430\u0435\u0442 \u0432 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0449\u0438\u0439 \u043f\u0440\u044f\u043c\u043e\u0439 memmove \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f address \u0432 output:\n\nmov     r8d, [IRP+28h]  ; MaxCount\nmov     rdx, [IRP+18h]  ; Src\nmov     rcx, [IRP+10h]  ; Dst\ncall    memmove\n\n\n\u041e\u0447\u0435\u0432\u0438\u0434\u043d\u043e \ud83d\ude06, \u0447\u0442\u043e\u0431\u044b \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0444\u043b\u0430\u0433 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u0438 \u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u043f\u043e \u044d\u0442\u043e\u043c\u0443 \u0430\u0434\u0440\u0435\u0441\u0443 0=disabled, 
\u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043f\u0440\u043e\u0441\u0442\u043e \u043f\u043e\u043c\u0435\u043d\u044f\u0442\u044c \u043c\u0435\u0441\u0442\u0430\u043c\u0438 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f Msg[0x18] \u0438 Msg[0x10]. \u041f\u043e\u0441\u043b\u0435 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 \u0444\u043b\u0430\u0433\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u044e\u0442 \u043d\u0430 \u043c\u0435\u0441\u0442\u043e \u0438 \u0432\u044b\u0433\u0440\u0443\u0436\u0430\u044e\u0442 \u0438\u0437 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u0434\u0440\u0430\u0439\u0432\u0435\u0440. \n\n\u0422\u0435\u0445\u043d\u0438\u043a\u0430 \u0432\u0437\u044f\u0442\u0438\u044f \u0441 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0433\u043e \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 (BYOVD) \u0432\u0441\u0435 \u0447\u0430\u0449\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0446\u0435\u043b\u0435\u0439 \ud83d\ude36. 
\u0411\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0438\u0437 \u043d\u0438\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u044b, \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 LOLDrivers \u0438\u043b\u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0441\u043f\u0438\u0441\u043a\u043e\u0432 \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439 \u043e\u0442 Microsoft. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0441\u0442\u043e\u0438\u0442 \u043e\u0431\u0440\u0430\u0449\u0430\u0442\u044c \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043d\u0430 \u0437\u0430\u043f\u0443\u0441\u043a \u0441\u043b\u0443\u0436\u0431 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 \ud83d\ude0c. 
\n\nOldGremlin \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0433\u043e \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0438 \u0441\u0432\u043e\u0435\u0433\u043e:\n\nsc create vprovdrv binpath= \"\\PdFwKrnl.sys\" type= \"kernel\nsc start vprovdrv\n\nsc create avkdriver binpath= \"\\avkd.sys\" type= \"kernel\nsc start avkdriver\n\n\nIoCs\n\navkd.sys\neac69feccd33f6b97f7b60c1ded22d2b7f689921b28e531e7c2a925c09ce0936\n\npatcher_pdwf.exe\n116fbf458c1062303c2630116f8cad23d394106a5ddcc6d687f0f33dbe17a492\nd236bfc015e735a64ad3c2d447fa70926b898a4e9b9af11f94b83ce768bbd434\n\nPdFwKrnl.sys\n0cf84400c09582ee2911a5b1582332c992d1cd29fcf811cb1dc00fcd61757db0\n6945077a6846af3e4e2f6a2f533702f57e993c5b156b6965a552d6a5d63b7402\n\n\n#APT #ioc\n@ptescalator", "creation_timestamp": "2025-08-04T15:16:55.000000Z"}, {"uuid": "85cf927d-72ac-4f25-9fd6-cc5826a6710f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20593", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-08", "content": "", "creation_timestamp": "2025-04-15T10:00:00.000000Z"}, {"uuid": "0afd1633-ae6e-4341-afec-22a1164d41da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20593", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:54.000000Z"}, {"uuid": "64f5548c-597a-454c-8eae-c392c20b9915", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20593", "type": "published-proof-of-concept", "source": 
"https://t.me/GithubRedTeam/4834", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aPowerShell script to apply Zenbleed (CVE-2023-20593) MSR workaround on Windows\nURL\uff1ahttps://github.com/sbaresearch/stop-zenbleed-win\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-07-31T09:27:17.000000Z"}, {"uuid": "459d1fe2-7572-47a5-be07-e7fedbaf80d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20592", "type": "seen", "source": "https://t.me/arpsyndicate/2988", "content": "#ExploitObserverAlert\n\nCVE-2023-20592\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2023-20592. Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 3.6\nNVD-ES: 2.8", "creation_timestamp": "2024-01-26T15:41:00.000000Z"}, {"uuid": "82129ae6-68fb-4449-b5f4-7393c74b8156", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20592", "type": "seen", "source": "https://t.me/Teamx1945x/1040", "content": "\ud83d\udd12\ud83d\udcbb \u0648\u062c\u062f \u0627\u0644\u0628\u0627\u062d\u062b\u0648\u0646 \u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u0641\u064a \u062a\u0642\u0646\u064a\u0629 AMD's SEV\u060c \u062a\u0633\u0645\u0649 CacheWarp (CVE-2023-20592)\u060c \u0648\u0627\u0644\u062a\u064a \u062a\u0633\u0645\u062d \u0628\u062a\u0635\u0639\u064a\u062f \u0627\u0644\u0627\u0645\u062a\u064a\u0627\u0632\u0627\u062a \u0648\u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629 
\u0639\u0646 \u0628\u0639\u062f \u0641\u064a \u0627\u0644\u0623\u062c\u0647\u0632\u0629 \u0627\u0644\u0627\u0641\u062a\u0631\u0627\u0636\u064a\u0629.\n\n \ud83d\udcf0 \u0627\u0644\u0642\u0635\u0629 \u0643\u0627\u0645\u0644\u0629: https://thehackernews.com/2023/11/cachewarp-attack-new-vulnerability-in.html", "creation_timestamp": "2024-03-29T18:27:13.000000Z"}, {"uuid": "7690616c-72ab-481a-a951-9b0d1d5086fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20592", "type": "seen", "source": "Telegram/JvAvzNrpnmUMEMk7n26p0ZqwnvY_zAm1_CtvQP_JX2rSDQ", "content": "", "creation_timestamp": "2023-11-20T09:12:04.000000Z"}, {"uuid": "5ee5702c-1b24-4ed3-b75b-7a5096d32b01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20598", "type": "seen", "source": "https://t.me/cibsecurity/72437", "content": "\u203c CVE-2023-20598 \u203c\n\nAn improper privilege management in the AMD Radeon\u2122\u00a0Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-17T18:33:10.000000Z"}, {"uuid": "6dab4fb4-d3ad-495f-9880-8cbdd6a58501", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20592", "type": "seen", "source": "Telegram/XyoReJ_H9LimOmDLiCILBkiBjRNgLWCPRhHxwBkUsP5g0A", "content": "", "creation_timestamp": "2023-11-14T21:11:38.000000Z"}, {"uuid": "5b918e44-9b53-405b-a56d-1b69f668cab3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20593", 
"type": "seen", "source": "https://t.me/KomunitiSiber/539", "content": "Zenbleed: New Flaw in AMD Zen 2 Processors Puts Encryption Keys and Passwords at Risk\nhttps://thehackernews.com/2023/07/zenbleed-new-flaw-in-amd-zen-2.html\n\nA new security vulnerability has been discovered in AMD's Zen 2 architecture-based processors that could be exploited to extract sensitive data such as encryption keys and passwords.\nDiscovered by Google Project Zero researcher Tavis Ormandy, the flaw \u2013 codenamed\u00a0Zenbleed\u00a0and tracked as\u00a0CVE-2023-20593\u00a0(CVSS score: 6.5) \u2013 allows data exfiltration at the rate of 30 kb per core, per second.\nThe", "creation_timestamp": "2023-07-25T15:19:03.000000Z"}, {"uuid": "f9fcd622-662a-461e-b047-afd2249cd179", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20593", "type": "seen", "source": "Telegram/ny8fDYgr5DjetnwqDrgXlXg583U33Nv2hA1gMSq4uoWlzg", "content": "", "creation_timestamp": "2023-07-25T15:46:06.000000Z"}, {"uuid": "e5245842-ef07-49f7-983b-4eff126de08f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20592", "type": "seen", "source": "https://t.me/KomunitiSiber/1072", "content": "CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs\nhttps://thehackernews.com/2023/11/cachewarp-attack-new-vulnerability-in.html\n\nA group of academics has disclosed a new \"software fault attack\" on AMD's Secure Encrypted Virtualization (SEV) technology that could be potentially exploited by threat actors to infiltrate encrypted virtual machines (VMs) and even perform privilege escalation.\nThe attack has been codenamed\u00a0CacheWarp\u00a0(CVE-2023-20592) by researchers from the CISPA Helmholtz Center for Information Security. 
It", "creation_timestamp": "2023-11-14T21:04:29.000000Z"}, {"uuid": "bd2f3f7c-10ff-41b9-8bf6-ce88c884b5bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20592", "type": "seen", "source": "https://t.me/UnknownRebels/4739", "content": "CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs\n\nA group of academics has disclosed a new \"software fault attack\" on AMD's Secure Encrypted Virtualization (SEV) technology that could be potentially exploited by threat actors to infiltrate encrypted virtual machines (VMs) and even perform privilege escalation.\n\nThe attack has been codenamed CacheWarp (CVE-2023-20592) by researchers from the CISPA Helmholtz Center for Information Security. It impacts AMD CPUs supporting all variants of SEV.\nsource", "creation_timestamp": "2023-11-15T09:19:23.000000Z"}, {"uuid": "a574c344-9cec-42c7-bbe6-737cf35f6c2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20593", "type": "seen", "source": "https://t.me/true_secator/4663", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Wiz \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e 62% \u0441\u0440\u0435\u0434 AWS \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044e\u0442\u0441\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 AMD Zenbleed, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u044b \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438 
\u0440\u0430\u043d\u0435\u0435.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f,\u00a0Wiz \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043f\u043e\u0434\u0441\u0447\u0438\u0442\u0430\u0442\u044c, \u0447\u0442\u043e \u0431\u043e\u043b\u0435\u0435 60 \u043f\u0440\u043e\u0446\u0435\u043d\u0442\u043e\u0432 \u0441\u0440\u0435\u0434 AWS \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u0441 \u0438\u043d\u0441\u0442\u0430\u043d\u0441\u0430\u043c\u0438 EC2 \u0441 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u043c\u0438 Zen 2 \u0438 \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b \u043e\u0448\u0438\u0431\u043a\u043e\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f.\n\nZenbleed,\u00a0\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0439\u00a0\u0422\u044d\u0432\u0438\u0441\u043e\u043c \u041e\u0440\u043c\u0430\u043d\u0434\u0438 \u0438\u0437 Project Zero, \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0432\u0441\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u044b Zen 2, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Ryzen 3000 (PRO \u0438 Threadripper), 4000 (PRO), 5000, 7020 \u0438 Epyc (Rome).\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 CVE-2023-20593 \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, 
\u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a \u043f\u0430\u0440\u043e\u043b\u0438 \u0438 \u043a\u043b\u044e\u0447\u0438 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f.\n\nAMD \u043d\u0430\u0447\u0430\u043b\u0430 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043c\u0438\u043a\u0440\u043e\u043a\u043e\u0434\u0430, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044f \u0442\u0430\u043a\u0436\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 AGESA.\u00a0\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0442\u0430\u043d\u0443\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u043b\u0438\u0448\u044c \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2023 \u0433\u043e\u0434\u0430.\u00a0\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Wiz \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0441 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f 
\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438\u043b\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0434\u0430\u043d\u043d\u044b\u043c.\n\n\u0420\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u0438, \u0447\u0442\u043e \u0432 \u043f\u043e\u0434\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u043c \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0441\u0440\u0435\u0434 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 Epyc (Rome), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u044b\u0439 \u0434\u043b\u044f \u0426\u041e\u0414.\u00a0\n\nWiz \u0438\u043d\u0444\u043e\u0440\u043c\u0438\u0440\u0443\u0435\u0442 \u043e\u00a0\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u043d\u0430 Google Cloud Platform\u00a0(GCP), \u0430\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0442 AWS,\u00a0\u043a\u0430\u043a \u043e\u0436\u0438\u0434\u0430\u0435\u0442\u0441\u044f, \u0431\u0443\u0434\u0443\u0442 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u043f\u043e\u0441\u043b\u0435 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u044f \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f.", "creation_timestamp": "2023-07-27T13:16:38.000000Z"}, {"uuid": "34028fa4-3324-4864-b5c1-2e9b2c5afaed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20593", "type": 
"seen", "source": "https://t.me/ZeroDay_TM/794", "content": "\ud83d\udce6 Zenbleed (CVE-2023-20593)\n\n- - - - - - - - - - - - - - - - - - - -\n-=[ @ZeroDay_TM ]=-", "creation_timestamp": "2023-10-08T21:01:49.000000Z"}, {"uuid": "c1462d97-3fba-4fcb-886b-56fa7598437e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20592", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/5090", "content": "\u0413\u0440\u0443\u043f\u043f\u0430 \u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438\u0437 \u0426\u0435\u043d\u0442\u0440\u0430 \u0418\u0411 \u0438\u043c. \u0413\u0435\u043b\u044c\u043c\u0433\u043e\u043b\u044c\u0446\u0430 CISPA \u0432 \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u0438, \u0422\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442\u0430 \u0413\u0440\u0430\u0446\u0430 \u0432 \u0410\u0432\u0441\u0442\u0440\u0438\u0438 \u0438 Youheng Lu \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043d\u043e\u0432\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u044b AMD, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0435\u0439 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 CacheWarp.\n\nCacheWarp - \u044d\u0442\u043e \u043d\u043e\u0432\u0430\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u043e\u0448\u0438\u0431\u043e\u043a \u043d\u0430 AMD SEV-ES \u0438 SEV-SNP, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 
\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u043d\u043e\u0433\u043e \u0432\u043e\u0437\u0432\u0440\u0430\u0442\u0430 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u043d\u044b\u0445 \u0441\u0442\u0440\u043e\u043a \u043a\u044d\u0448\u0430 \u0433\u043e\u0441\u0442\u0435\u0432\u044b\u0445 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d \u0432 \u0438\u0445 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0435 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u0442\u044c \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b \u043f\u0443\u0442\u0435\u043c \u0437\u0430\u043f\u0438\u0441\u0438 \u0432 \u043f\u0430\u043c\u044f\u0442\u044c, \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 RCE.\n\nCacheWarp \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435 \u0426\u041f AMD Secure Encrypted Virtualization (SEV), \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u043e\u0435 \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u043e\u0432 \u0438 \u0443\u043c\u0435\u043d\u044c\u0448\u0435\u043d\u0438\u044f \u043f\u043e\u0432\u0435\u0440\u0445\u043d\u043e\u0441\u0442\u0438 \u0430\u0442\u0430\u043a\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d \u0437\u0430 \u0441\u0447\u0435\u0442 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445, \u0447\u0442\u043e 
\u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0432\u0430\u0436\u043d\u043e \u0434\u043b\u044f \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0441\u0440\u0435\u0434.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, CacheWarp \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435, \u0432\u0437\u043b\u043e\u043c\u0430\u0442\u044c \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443 \u0438 \u044d\u0441\u043a\u0430\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438.\n\n\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u044b\u0445 \u0430\u0442\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0432\u0435\u0440\u043d\u0443\u0442\u044c \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0434\u043b\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043a \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u0438\u043c \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0440\u0430\u043d\u0435\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0435\u0430\u043d\u0441.\n\n\u0411\u043e\u043b\u0435\u0435 
\u0442\u043e\u0433\u043e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 CacheWarp \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0430\u0434\u0440\u0435\u0441\u0430\u043c\u0438 \u0432\u043e\u0437\u0432\u0440\u0430\u0442\u0430 \u0432 \u0441\u0442\u0435\u043a\u0435, \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u0438\u0437\u043c\u0435\u043d\u044f\u044f \u043f\u043e\u0442\u043e\u043a \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043e\u0439.\n\nCacheWarp \u0431\u044b\u043b\u0430 \u043e\u043f\u0438\u0441\u0430\u043d\u0430 \u043a\u0430\u043a \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u0430\u044f \u0430\u0442\u0430\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0430 \u0438\u0437-\u0437\u0430 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u0445, \u0430 \u043f\u0435\u0440\u0432\u043e\u043f\u0440\u0438\u0447\u0438\u043d\u043e\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u043d\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430.\n\nCacheWarp \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0432\u043b\u0438\u044f\u0442\u044c \u043d\u0430 \u043b\u044e\u0431\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0443\u044e \u043d\u0430 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0435 AMD, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 SEV, \u043d\u043e \u0442\u043e\u043b\u044c\u043a\u043e 
\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u044e\u0442 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0435 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e SEV, \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044e\u0442\u0441\u044f \u0440\u0438\u0441\u043a\u0443 \u0430\u0442\u0430\u043a.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-20592 \u0438 \u0432\u043b\u0438\u044f\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b AMD \u0441\u043e \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c\u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u043c\u0438, \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u044e\u0449\u0438\u043c\u0438 SEV: EPYC 1-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f (SEV \u0438 SEV-ES), EPYC 2-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f (SEV \u0438 SEV-ES) \u0438 EPYC 3-\u0435\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f (SEV, SEV-ES, SEV-SNP), \u043d\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044f AMD EPYC Genoa 4-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f (Zen 4).\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442 \u0441 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u043c \u0432\u044b\u0432\u043e\u0434\u043e\u0432, 
\u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0441\u0430\u0439\u0442 \u0441 \u043a\u0440\u0430\u0442\u043a\u0438\u043c \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u0438\u0435\u043c \u0430\u0442\u0430\u043a\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0438\u0441\u044c \u0432\u0438\u0434\u0435\u043e \u0441 CacheWarp \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f root-\u043f\u0440\u0430\u0432 \u0438\u043b\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 OpenSSH \u0438 \u044d\u0441\u043a\u0430\u043b\u0430\u0446\u0438\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 root \u0447\u0435\u0440\u0435\u0437 Sudo.\n\nAMD, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. 
\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u043b\u044f 1 \u0438\u043b\u0438 2 \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043e\u0432 EPYC \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439 \u043d\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b.\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043e\u0432 AMD EPYC 3-\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f \u0441 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 SEV-SNP, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043c\u0438\u043a\u0440\u043e\u043a\u043e\u0434\u0430, \u043d\u0435 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0435\u0435 \u043a \u0441\u043d\u0438\u0436\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438.", "creation_timestamp": "2023-11-16T09:58:44.000000Z"}, {"uuid": "1a693285-fdb4-49fd-9d1e-e327e690adec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20593", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/4654", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c Google \u0422\u044d\u0432\u0438\u0441 \u041e\u0440\u043c\u0430\u043d\u0434\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u043d\u043e\u0432\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Zenbleed, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0443\u044e 
\u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u044b AMD Zen2, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043a\u0440\u0430\u0441\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043f\u0430\u0440\u043e\u043b\u0438 \u0438 \u043a\u043b\u044e\u0447\u0438 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u0441\u043e \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u044c\u044e 30 \u041a\u0411/\u0441 \u043e\u0442 \u043a\u0430\u0436\u0434\u043e\u0433\u043e \u044f\u0434\u0440\u0430 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430.\n\nCVE-2023-20593 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u0445 Zen2 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0444\u0430\u0437\u0437\u0438\u043d\u0433\u0430 \u0438 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 vzeroupper \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0441\u043f\u0435\u043a\u0443\u043b\u044f\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u043e\u043f\u0442\u0438\u043c\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0442\u044c 
\u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u043b\u044e\u0431\u043e\u0439 \u041e\u0421, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438 \u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u043d\u0430 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d\u0430\u0445, \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u0430\u0445, \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430\u0445 \u0438 \u0442. \u0434.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 AMD 15 \u043c\u0430\u044f 2023 \u0433\u043e\u0434\u0430, \u0430 \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u0445\u043e\u0434\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f CVE-2023-20593 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 \u0438 PoC \u0434\u043b\u044f Linux.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u044b AMD, \u043f\u043e\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u0435 Zen 2, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Ryzen 3000 (Matisse), Ryzen 4000U/H (Renoir), Ryzen 5000U (Lucienne), Ryzen 7020, \u0430 \u0442\u0430\u043a\u0436\u0435 ThreadRipper 3000 \u0438 Epyc server (Rome).\n\n\u0414\u043b\u044f 
\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f Zenbleed \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f\u00a0\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043c\u0438\u043a\u0440\u043e\u043a\u043e\u0434 AMD\u00a0\u0438\u043b\u0438 \u0436\u0435 \u0434\u043e\u0436\u0434\u0430\u0442\u044c\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f BIOS \u043e\u0442 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0430\u043b\u044c\u0442\u0435\u0440\u043d\u0430\u0442\u0438\u0432\u044b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0438\u043b \u0441\u0432\u043e\u0439\u00a0\u043e\u0431\u0445\u043e\u0434\u043d\u043e\u0439 \u043f\u0443\u0442\u044c \u0434\u043b\u044f \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044f \u043e \u043f\u0430\u0434\u0435\u043d\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0435\u0433\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f. 
\n\n\u041f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e Zenbleed \u0431\u0443\u0434\u0435\u0442 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0441\u043b\u043e\u0436\u043d\u043e, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 vzeroupper \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438\u043b\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0432\u044b\u0437\u043e\u0432\u043e\u0432.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u041f\u041e, \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044b\u043c \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\u00a0\n\n\u041d\u043e \u0441 \u0434\u0440\u0443\u0433\u043e\u0439 \u0441\u0442\u043e\u0440\u043e\u043d\u044b, \u043d\u0430 \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0435 \u0432\u043b\u0438\u044f\u043d\u0438\u0435 Zenbleed \u043d\u0430 \u043e\u0431\u044b\u0447\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043d\u0435\u0432\u0435\u043b\u0438\u043a\u043e, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f 
\u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0438 \u0432\u044b\u0441\u043e\u043a\u0430\u044f \u0441\u0442\u0435\u043f\u0435\u043d\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u0433\u043e.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0432\u0441\u0435\u0433\u0434\u0430 \u0432\u0430\u0436\u043d\u043e \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0432 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u043c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0438 \u0438 \u0441\u043b\u0435\u0434\u0438\u0442\u044c \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u043c\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0441\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u044f BIOS.", "creation_timestamp": "2023-07-25T15:30:05.000000Z"}, {"uuid": "39d2d581-f952-4335-a554-d8a1144ad2b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20593", "type": "published-proof-of-concept", "source": "Telegram/6-EftlhErD1GWjLSgmoZ7L78z1QAr8fxcxU75ipFaPbp4A", "content": "", "creation_timestamp": "2023-07-26T15:11:13.000000Z"}, {"uuid": "877e9b18-25dc-4bba-89b8-94077720c4af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20597", "type": "seen", "source": "https://t.me/cibsecurity/70831", "content": "\u203c CVE-2023-20597 \u203c\n\nImproper initialization of variables in the DXE driver 
may allow a privileged user to leak sensitive information via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-20T22:29:39.000000Z"}, {"uuid": "29c35159-44b3-4da0-928e-c0d7e8af979a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20593", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3949", "content": "\ud83d\udcccCVE-2023-20593 AMD Zen Processor Exploit  : https://system32.ink/cve-2023-20593-amd-zen-processor-exploit/\n\n\ud83d\udcccCVE-2023-35086 POC : https://system32.ink/cve-2023-35086-poc/\n\n\ud83d\udcccCisco SPA112 2-Port Phone Adapters RCE Exploit : https://system32.ink/cisco-spa112-2-port-phone-adapters-rce-exploit/\n\n\ud83d\udcccKernel Exploits Factory  : https://system32.ink/kernel-exploits-factory/\n\n\ud83d\udcccVenomRAT v6.0.3 : https://system32.ink/venomrat-v6.0.3-source-code/\n\n\ud83d\udccc99 Cents Only Stores Data Leak : https://system32.ink/99-cents-only-stores-data-leak/\n\n\ud83d\udcccFiberlink 210 routers Os Injection Exploit : https://system32.ink/fiberlink-210-routers-os-injection-exploit-cve-2023-33617/\n\n@Crackcodes | System32.ink | Crackcodes.in", "creation_timestamp": "2023-07-26T16:04:50.000000Z"}, {"uuid": "c2d2c423-d95b-4642-adb1-cad46595b0b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20593", "type": "seen", "source": "https://t.me/cibsecurity/67186", "content": "\u203c CVE-2023-20593 \u203c\n\nAn issue in \u201cZen 2\u201d CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-25T00:25:56.000000Z"}, {"uuid": "207de762-7d17-4006-a878-ca50c61b6a99", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20594", "type": "seen", "source": "https://t.me/cibsecurity/70826", "content": "\u203c CVE-2023-20594 \u203c\n\nImproper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-20T22:29:33.000000Z"}, {"uuid": "89594918-8203-4582-8264-dcc12d6ee933", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20593", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/7720", "content": "Zenbleed (CVE-2023-20593)\n\nhttps://www.youtube.com/watch?v=9EY_9KtxyPg", "creation_timestamp": "2023-08-30T14:00:02.000000Z"}, {"uuid": "5c4a9fad-f36f-49b2-b2f3-a9b674e18cdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20593", "type": "seen", "source": "https://t.me/thehackernews/3642", "content": "\u26a1 A serious security flaw has been found in AMD's Zen 2 processors, putting sensitive data at risk! \n \nDiscover the details of Zenbleed (CVE-2023-20593) \u2013 a speculative execution attack that allows data exfiltration at 30 kb/core/second. 
\n \nRead: https://thehackernews.com/2023/07/zenbleed-new-flaw-in-amd-zen-2.html", "creation_timestamp": "2023-07-25T12:15:38.000000Z"}, {"uuid": "3f112f05-b1a4-49c1-982b-64a6ce269ae3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20592", "type": "seen", "source": "https://t.me/thehackernews/4148", "content": "\ud83d\udd12\ud83d\udcbb Researchers found a vulnerability in AMD's SEV technology, called CacheWarp (CVE-2023-20592), that allows privilege escalation and remote code execution in virtual machines.\n\n\ud83d\udcf0 Full story: https://thehackernews.com/2023/11/cachewarp-attack-new-vulnerability-in.html", "creation_timestamp": "2023-11-15T04:46:49.000000Z"}, {"uuid": "b37d32d4-49a2-4ec8-a5a8-6b2dc09de6bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2059", "type": "seen", "source": "https://t.me/cibsecurity/62160", "content": "\u203c CVE-2023-2059 \u203c\n\nA vulnerability was found in DedeCMS 5.7.87. It has been rated as problematic. Affected by this issue is some unknown functionality of the file uploads/include/dialog/select_templets.php. The manipulation leads to path traversal: '..\\filedir'. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 
The identifier of this vulnerability is VDB-225944.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-14T18:26:08.000000Z"}, {"uuid": "83ca9bef-a74b-4784-b49d-3d8e6cccf615", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20593", "type": "seen", "source": "https://t.me/HackerOne/3522", "content": "A use-after-free in AMD Zen2 processors \n(CVE-2023-20593)\n\n\nhttps://ift.tt/hBA93uf", "creation_timestamp": "2023-07-24T22:28:06.000000Z"}, {"uuid": "17815ec2-8189-4608-bbf4-11fad06f3993", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20593", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9345", "content": "#exploit\n1. Exploiting AMD Zenbleed (CVE-2023-20593) from Chrome\nhttps://vu.ls/blog/exploiting-zenbleed-from-chrome\n]-> https://github.com/vu-ls/Zenbleed-Chrome-PoC\n\n2. CVE-2023-41425:\nXSS in Wonder CMS 3.2.0 - 3.4.2\nhttps://github.com/prodigiousMind/CVE-2023-41425\n\n3. Tool to create zip/tar/cpio archives to exploit common archive library issues and developer mistakes\nhttps://github.com/pentagridsec/archive_pwn", "creation_timestamp": "2023-11-07T11:01:00.000000Z"}, {"uuid": "b1c03a21-6046-4e42-b1c2-2b0e4c9e42e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20593", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8735", "content": "#Hardware_Security\n1. Zenbleed - vulnerability of AMD Zen2 processors (CVE-2023-20593)\nhttps://lock.cmpxchg8b.com/zenbleed.html\n2. 
Exploiting MikroTik RouterOS Hardware with CVE-2023-30799\nhttps://vulncheck.com/blog/mikrotik-foisted-revisited", "creation_timestamp": "2023-07-26T11:00:30.000000Z"}, {"uuid": "c61ec3c0-9314-46e1-a5f3-adf158343ee0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20593", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1656", "content": "#exploit\n1. Exploiting AMD Zenbleed (CVE-2023-20593) from Chrome\nhttps://vu.ls/blog/exploiting-zenbleed-from-chrome\n]-> https://github.com/vu-ls/Zenbleed-Chrome-PoC\n\n2. CVE-2023-41425:\nXSS in Wonder CMS 3.2.0 - 3.4.2\nhttps://github.com/prodigiousMind/CVE-2023-41425\n\n3. Tool to create zip/tar/cpio archives to exploit common archive library issues and developer mistakes\nhttps://github.com/pentagridsec/archive_pwn", "creation_timestamp": "2024-08-16T08:43:35.000000Z"}]}