CVE-2023-20515
Published: Feb 11, 2025
Modified: Feb 12, 2025
CVSS v3.1
5.7
Description
Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability.
| Vendor | Product | Versions |
|---|---|---|
AMD | AMD Ryzen™ 3000 Series Desktop Processors | unaffected ComboAM4v2PI 1.2.0.CA |
AMD | AMD Ryzen™ 5000 Series Desktop Processors | unaffected ComboAM4v2PI 1.2.0.CA |
AMD | AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics | unaffected ComboAM4v2PI 1.2.0.CA |
AMD | AMD Ryzen™ 7000 Series Desktop Processors | unaffected ComboAM5 1.0.8.0 |
AMD | AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics | unaffected ComboAM4v2PI 1.2.0.CAunaffected ComboAM4PI 1.0.0.B |
AMD | AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics | unaffected ComboAM4v2PI 1.2.0.CA |
AMD | AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics | unaffected ComboAM5 1.0.8.0 |
AMD | AMD Ryzen™ Threadripper™ 3000 Series Processors | unaffected CastlePeakPI-SP3r3 1.0.0.C |
AMD | AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors | unaffected CastlePeakWSPI-sWRX8 1.0.0.Eunaffected ChagallWSPI-sWRX8 1.0.0.9 |
AMD | AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors | unaffected ChagallWSPI-sWRX8 1.0.0.7 |
AMD | AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics | unaffected Pollock-FT5 1.0.0.7 |
AMD | AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics | unaffected Picasso-FP5 1.0.1.1 |
AMD | AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics | unaffected RenoirPI-FP6 1.0.0.D |
AMD | AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics | unaffected Cezanne-FP6 1.0.1.0 |
AMD | AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics | unaffected MendocinoPI-FT6 1.0.0.6 |
AMD | AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics | unaffected RembrandtPI-FP7 1.0.0.9b |
AMD | AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics | unaffected RembrandtPI-FP7 1.0.0.9b |
AMD | AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics | unaffected PhoenixPI-FP8-FP7 1.0.8.0 |
AMD | AMD Ryzen™ 7000 Series Mobile Processors | unaffected DragonRangeFL1PI 1.0.0.3b |
AMD | AMD Ryzen™ Embedded R1000 | unaffected EmbeddedPI-FP5 1.2.0.C |
AMD | AMD Ryzen™ Embedded R2000 | unaffected EmbeddedR2KPI-FP5 1.0.0.3 |
AMD | AMD Ryzen™ Embedded 5000 | unaffected EmbAM4PI 1.0.0.5 |
AMD | AMD Ryzen™ Embedded 7000 | unaffected EmbeddedAM5PI 1.0.0.0 |
AMD | AMD Ryzen™ Embedded V2000 | unaffected EmbeddedPI-FP6 1.0.0.9 |
AMD | AMD Ryzen™ Embedded V1000 | affected No Fix Planned |
AMD | AMD Ryzen™ Embedded V3000 | unaffected Embedded-PIFP7r2 1.0.0.8 |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now