CVE-2023-20599
Published: Jun 10, 2025
Modified: Feb 26, 2026
CVSS v3.1
7.9
Description
Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto Co-Processor (CCP) registers from x86 resulting in potential loss of control of cryptographic key pointer/index leading to loss of integrity or confidentiality.
| Vendor | Product | Versions |
|---|---|---|
AMD | AMD EPYC™ 7002 Series Processors | unaffected RomePI 100H SEV 0.24.19 [hex 00.18.13] |
AMD | AMD Ryzen™ Threadripper™ 3000 Processors | unaffected CastlePeakPI-SP3r3_1.0.0.F |
AMD | AMD Ryzen™ Threadripper™ PRO 3000 WX Processors | unaffected ChagallWSPI-sWRX8 1.0.0.Cunaffected CastlePeakWSPI-sWRX8 1.0.0.H |
AMD | AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics | unaffected PicassoPI-FP5_1.0.1.2c |
AMD | AMD EPYC™ Embedded 7002 Series Processors | unaffected EmbRomePI-SP3 1.0.0.B |
AMD | AMD EPYC™ Embedded 7003 Series Processors | unaffected EmbMilanPI-SP3 1.0.0.8 |
AMD | AMD Ryzen™ Embedded R1000 Series Processors | unaffected EmbeddedPI-FP5 1211 |
AMD | AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics | unaffected EmbeddedPI-FP5 1211 |
AMD | AMD Ryzen™ Embedded R2000 Series Processors | unaffected EmbeddedR2KPI-FP5 1006 |
AMD | AMD Ryzen™ Embedded V1000 Series Processors | unaffected EmbeddedPI-FP5 1211 RC1 |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now