CVE-2023-20597
Published: Sep 20, 2023
Modified: Jun 27, 2025
Description
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
| Vendor | Product | Versions |
|---|---|---|
AMD | Ryzen™ 3000 Series Desktop Processors “Matisse” | affected various |
AMD | Ryzen™ 5000 Series Desktop Processors “Vermeer” | affected various |
AMD | Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics “Cezanne” | affected various |
AMD | Ryzen™ Threadripper™ 3000 Series Processors “Castle Peak” HEDT | affected various |
AMD | Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS SP3 | affected various |
AMD | Ryzen™ Threadripper™ PRO 3000WX Series Processors “Chagall” WS SP3 | affected various |
AMD | Ryzen™ 6000 Series Mobile Processors with Radeon™ Graphics "Rembrandt" | affected various |
AMD | Ryzen™ 7035 Series Mobile Processors with Radeon™ Graphics "Rembrandt-R" | affected various |
AMD | Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics "Barcelo" | affected various |
AMD | Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics “Barcelo-R” | affected various |
AMD | AMD EPYC™ Embedded 7003 | unaffected EmbMilanPI-SP3 1.0.0.6 |
AMD | AMD Ryzen™ Embedded 5000 | unaffected EmbAM4PI 1.0.0.2 |
AMD | AMD Ryzen™ Embedded V2000 | unaffected EmbeddedPI-FP6 1.0.0.8 |
AMD | AMD Ryzen™ Embedded V3000 | unaffected EmbeddedPI-FP7r2 1.0.0.4 |
Weaknesses (CWE)
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now