CVE-2023-20596

🗓️ 14 Nov 2023 18:55:14Reported by AMDType

SMM Supervisor input validation vulnerability

Reporter	Title	Published	Views	Family All 10
Amd	AMD SMM Supervisor Vulnerability Security Notice	14 Nov 202300:00	–	amd
BDU FSTEC	The vulnerability of the System Management Mode (SMM) feature of AMD Ryzen microprogramming systems allows attackers to enhance their privileges and compromise the integrity, accessibility, and confidentiality of protected information.	11 Dec 202300:00	–	bdu_fstec
CNNVD	AMD Ryzen Security Breach	14 Nov 202300:00	–	cnnvd
CVE	CVE-2023-20596	14 Nov 202318:55	–	cve
EUVD	EUVD-2023-24775	3 Oct 202520:07	–	euvd
Hewlett-Packard	AMD SMM Supervisor November 2023 Security Update	7 Dec 202300:00	–	hp
NVD	CVE-2023-20596	14 Nov 202319:15	–	nvd
OSV	CVE-2023-20596	14 Nov 202319:15	–	osv
Prion	Input validation	14 Nov 202319:15	–	prion
Positive Technologies	PT-2022-7168 · Amd · Amd Ryzen	27 Oct 202200:00	–	ptsecurity

[
  {
    "defaultStatus": "unaffected",
    "packageName": "PI",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Formerly codenamed “Cezanne” AM4",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "PI",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 7000 Series  Desktop Processors  with Radeon™ Graphics Formerly codenamed “Raphael”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "PI",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 7000 Series Desktop Processors with Radeon™ Graphics Formerly codenamed “Raphael” X3D",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "PI",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "PI",
    "platforms": [
      "x86"
    ],
    "product": "AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics \"Rembrandt\"",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "PI",
    "platforms": [
      "x86"
    ],
    "product": "AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics “Rembrandt-R”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "PI",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Formerly codenamed “Phoenix”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  }
]

Source	Link
amd	www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7011

14 Nov 2023 18:55Current

9.9High risk

Vulners AI Score9.9

EPSS0.00389