Lucene search

AMDCVELIST:CVE-2023-20571

HistoryNov 14, 2023 - 6:55 p.m.

CVE-2023-20571

2023-11-1418:55:02

AMD

www.cve.org

system management mode

race condition

privilege escalation

cve-2018-8897

attacker

7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.3%

JSON

A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "packageName": "PI",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics  “Cezanne”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "PI",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 7000 Series Desktop Processors “Raphael” XD3",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "PI",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "PI",
    "platforms": [
      "x86"
    ],
    "product": "AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics \"Rembrandt\"",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "PI",
    "platforms": [
      "x86"
    ],
    "product": "AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics “Rembrandt-R”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "PI",
    "platforms": [
      "x86"
    ],
    "product": "AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics  “Barcelo”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "PI",
    "platforms": [
      "x86"
    ],
    "product": "AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics “Barcelo-R”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "PI",
    "platforms": [
      "x86"
    ],
    "product": " Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics “Phoenix” FP7/FP7r2/FP8",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  }
]

References

www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002