CVE-2023-20596

Published: Nov 14, 2023

Modified: Aug 2, 2024

PUBLISHED

Description

Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.

Vendor	Product	Versions
AMD	Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Formerly codenamed “Cezanne” AM4	affected `various`
AMD	Ryzen™ 7000 Series Desktop Processors with Radeon™ Graphics Formerly codenamed “Raphael”	affected `various`
AMD	Ryzen™ 7000 Series Desktop Processors with Radeon™ Graphics Formerly codenamed “Raphael” X3D	affected `various`
AMD	Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne”	affected `various`
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics "Rembrandt"	affected `various`
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics “Rembrandt-R”	affected `various`
AMD	Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Formerly codenamed “Phoenix”	affected `various`

References

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7011

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-20596

Description

Affected Products

References