CVE-2023-20599

🗓️ 10 Jun 2025 16:15:03Reported by AMDType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 66 Views

Improper access control in ASP allows privileged attackers to access Crypto Co-Processor registers.

Reporter	Title	Published	Views	Family All 11
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in Lenovo XCC affect IBM Cloud Pak System	4 Mar 202612:14	–	ibm
Amd	Unauthorized Access to AMD Secure Processor’s Crypto-Co-Processor	10 Jun 202500:00	–	amd
Circl	CVE-2023-20599	10 Jun 202516:32	–	circl
CNNVD	AMD EPYC 安全漏洞	10 Jun 202500:00	–	cnnvd
Cvelist	CVE-2023-20599	10 Jun 202516:15	–	cvelist
EUVD	EUVD-2023-24778	3 Oct 202520:07	–	euvd
Hewlett-Packard	AMD Secure Processor Security Update	14 Oct 202500:00	–	hp
NVD	CVE-2023-20599	10 Jun 202517:17	–	nvd
Positive Technologies	PT-2025-24687 · Asp · Asp	10 Jun 202500:00	–	ptsecurity
RedhatCVE	CVE-2023-20599	12 Jun 202517:06	–	redhatcve

[
  {
    "defaultStatus": "affected",
    "product": "AMD EPYC™ 7002 Series Processors",
    "vendor": "AMD",
    "versions": [
      {
        "status": "unaffected",
        "version": "RomePI 100H SEV 0.24.19 [hex 00.18.13]"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "AMD Ryzen™ Threadripper™ 3000 Processors",
    "vendor": "AMD",
    "versions": [
      {
        "status": "unaffected",
        "version": "CastlePeakPI-SP3r3_1.0.0.F"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "AMD Ryzen™ Threadripper™ PRO 3000 WX Processors",
    "vendor": "AMD",
    "versions": [
      {
        "status": "unaffected",
        "version": "ChagallWSPI-sWRX8 1.0.0.C"
      },
      {
        "status": "unaffected",
        "version": "CastlePeakWSPI-sWRX8 1.0.0.H"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics",
    "vendor": "AMD",
    "versions": [
      {
        "status": "unaffected",
        "version": "PicassoPI-FP5_1.0.1.2c"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "AMD EPYC™ Embedded 7002 Series Processors",
    "vendor": "AMD",
    "versions": [
      {
        "status": "unaffected",
        "version": "EmbRomePI-SP3 1.0.0.B"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "AMD EPYC™ Embedded 7003 Series Processors",
    "vendor": "AMD",
    "versions": [
      {
        "status": "unaffected",
        "version": "EmbMilanPI-SP3 1.0.0.8"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "AMD Ryzen™ Embedded R1000 Series Processors",
    "vendor": "AMD",
    "versions": [
      {
        "status": "unaffected",
        "version": "EmbeddedPI-FP5 1211"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics",
    "vendor": "AMD",
    "versions": [
      {
        "status": "unaffected",
        "version": "EmbeddedPI-FP5 1211"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "AMD Ryzen™ Embedded R2000 Series Processors",
    "vendor": "AMD",
    "versions": [
      {
        "status": "unaffected",
        "version": "EmbeddedR2KPI-FP5 1006"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "AMD Ryzen™ Embedded V1000 Series Processors",
    "vendor": "AMD",
    "versions": [
      {
        "status": "unaffected",
        "version": "EmbeddedPI-FP5 1211 RC1"
      }
    ]
  }
]

Source	Link
amd	www.amd.com/en/resources/product-security/bulletin/AMD-SB-7039.html

15 Apr 2026 00:35Current

6.2Medium risk

Vulners AI Score6.2

CVSS 3.17.9

EPSS0.00098

SSVC

CWE-1262