Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2023-20596
HistoryNov 14, 2023 - 7:15 p.m.

CVE-2023-20596

2023-11-1419:15:16
[email protected]
web.nvd.nist.gov
6
cve-2023-20596
input validation
smm supervisor
ring0 access
arbitrary code execution

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

48.9%

JSON

Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.

Affected configurations

Nvd
Node
amdryzen_7_5700g_firmwareRange<comboam4v2_1.2.0.b
AND
amdryzen_7_5700gMatch-
Node
amdryzen_7_5700ge_firmwareRange<comboam4v2_1.2.0.b
AND
amdryzen_7_5700geMatch-
Node
amdryzen_5_5600g_firmwareRange<comboam4v2_1.2.0.b
AND
amdryzen_5_5600gMatch-
Node
amdryzen_5_5600ge_firmwareRange<comboam4v2_1.2.0.b
AND
amdryzen_5_5600geMatch-
Node
amdryzen_3_5300g_firmwareRange<comboam4v2_1.2.0.b
AND
amdryzen_3_5300gMatch-
Node
amdryzen_3_5300ge_firmwareRange<comboam4v2_1.2.0.b
AND
amdryzen_3_5300geMatch-
Node
amdryzen_9_7950x3d_firmwareRange<comboam5pi_1.0.8.0
AND
amdryzen_9_7950x3dMatch-
Node
amdryzen_9_7950x_firmwareRange<comboam5pi_1.0.8.0
AND
amdryzen_9_7950xMatch-
Node
amdryzen_9_7900x3d_firmwareRange<comboam5pi_1.0.8.0
AND
amdryzen_9_7900x3dMatch-
Node
amdryzen_9_7900_firmwareRange<comboam5pi_1.0.8.0
AND
amdryzen_9_7900Match-
Node
amdryzen_9_7900x_firmwareRange<comboam5pi_1.0.8.0
AND
amdryzen_9_7900xMatch-
Node
amdryzen_9_pro_7945_firmwareRange<comboam5pi_1.0.8.0
AND
amdryzen_9_pro_7945Match-
Node
amdryzen_7_7800x3d_firmwareRange<comboam5pi_1.0.8.0
AND
amdryzen_7_7800x3dMatch-
Node
amdryzen_7_7700x_firmwareRange<comboam5pi_1.0.8.0
AND
amdryzen_7_7700xMatch-
Node
amdryzen_7_7700_firmwareRange<comboam5pi_1.0.8.0
AND
amdryzen_7_7700Match-
Node
amdryzen_7_pro_7745_firmwareRange<comboam5pi_1.0.8.0
AND
amdryzen_7_pro_7745Match-
Node
amdryzen_5_7600x_firmwareRange<comboam5pi_1.0.8.0
AND
amdryzen_5_7600xMatch-
Node
amdryzen_5_7600_firmwareRange<comboam5pi_1.0.8.0
AND
amdryzen_5_7600Match-
Node
amdryzen_5_pro_7645_firmwareRange<comboam5pi_1.0.8.0
AND
amdryzen_5_pro_7645Match-
Node
amdryzen_5_7500f_firmwareRange<comboam5pi_1.0.8.0
AND
amdryzen_5_7500fMatch-
Node
amdryzen_9_5980hx_firmwareRange<cezannepi-fp6_1.0.0.fa
AND
amdryzen_9_5980hxMatch-
Node
amdryzen_9_5980hs_firmwareRange<cezannepi-fp6_1.0.0.fa
AND
amdryzen_9_5980hsMatch-
Node
amdryzen_9_5900hx_firmwareRange<cezannepi-fp6_1.0.0.fa
AND
amdryzen_9_5900hxMatch-
Node
amdryzen_9_5900hs_firmwareRange<cezannepi-fp6_1.0.0.fa
AND
amdryzen_9_5900hsMatch-
Node
amdryzen_7_5800h_firmwareRange<cezannepi-fp6_1.0.0.fa
AND
amdryzen_7_5800hMatch-
Node
amdryzen_7_5800hs_firmwareRange<cezannepi-fp6_1.0.0.fa
AND
amdryzen_7_5800hsMatch-
Node
amdryzen_7_5825u_firmwareRange<cezannepi-fp6_1.0.0.fa
AND
amdryzen_7_5825uMatch-
Node
amdryzen_7_5800u_firmwareRange<cezannepi-fp6_1.0.0.fa
AND
amdryzen_7_5800uMatch-
Node
amdryzen_5_5600h_firmwareRange<cezannepi-fp6_1.0.0.fa
AND
amdryzen_5_5600hMatch-
Node
amdryzen_5_5600hs_firmwareRange<cezannepi-fp6_1.0.0.fa
AND
amdryzen_5_5600hsMatch-
Node
amdryzen_5_5625u_firmwareRange<cezannepi-fp6_1.0.0.fa
AND
amdryzen_5_5625uMatch-
Node
amdryzen_5_5600u_firmwareRange<cezannepi-fp6_1.0.0.fa
AND
amdryzen_5_5600uMatch-
Node
amdryzen_5_5560u_firmwareRange<cezannepi-fp6_1.0.0.fa
AND
amdryzen_5_5560uMatch-
Node
amdryzen_5_5500h_firmwareRange<cezannepi-fp6_1.0.0.fa
AND
amdryzen_5_5500hMatch-
Node
amdryzen_3_5425u_firmwareRange<cezannepi-fp6_1.0.0.fa
AND
amdryzen_3_5425uMatch-
Node
amdryzen_3_5400u_firmwareRange<cezannepi-fp6_1.0.0.fa
AND
amdryzen_3_5400uMatch-
Node
amdryzen_3_5125c_firmwareRange<cezannepi-fp6_1.0.0.fa
AND
amdryzen_3_5125cMatch-
Node
amdryzen_9_6980hx_firmwareRange<rembrandtpi-fp7_1.0.0.9b
AND
amdryzen_9_6980hxMatch-
Node
amdryzen_9_6980hs_firmwareRange<rembrandtpi-fp7_1.0.0.9b
AND
amdryzen_9_6980hsMatch-
Node
amdryzen_9_6900hx_firmwareRange<rembrandtpi-fp7_1.0.0.9b
AND
amdryzen_9_6900hxMatch-
Node
amdryzen_9_6900hs_firmwareRange<rembrandtpi-fp7_1.0.0.9b
AND
amdryzen_9_6900hsMatch-
Node
amdryzen_7_6800h_firmwareRange<rembrandtpi-fp7_1.0.0.9b
AND
amdryzen_7_6800hMatch-
Node
amdryzen_7_6800hs_firmwareRange<rembrandtpi-fp7_1.0.0.9b
AND
amdryzen_7_6800hsMatch-
Node
amdryzen_7_6800u_firmwareRange<rembrandtpi-fp7_1.0.0.9b
AND
amdryzen_7_6800uMatch-
Node
amdryzen_5_6600h_firmwareRange<rembrandtpi-fp7_1.0.0.9b
AND
amdryzen_5_6600hMatch-
Node
amdryzen_5_6600hs_firmwareRange<rembrandtpi-fp7_1.0.0.9b
AND
amdryzen_5_6600hsMatch-
Node
amdryzen_5_6600u_firmwareRange<rembrandtpi-fp7_1.0.0.9b
AND
amdryzen_5_6600uMatch-
Node
amdryzen_7_7735hs_firmwareRange<rembrandtpi-fp7_1.0.0.9b
AND
amdryzen_7_7735hsMatch-
Node
amdryzen_7_7736u_firmwareRange<rembrandtpi-fp7_1.0.0.9b
AND
amdryzen_7_7736uMatch-
Node
amdryzen_7_7735u_firmwareRange<rembrandtpi-fp7_1.0.0.9b
AND
amdryzen_7_7735uMatch-
Node
amdryzen_5_7535hs_firmwareRange<rembrandtpi-fp7_1.0.0.9b
AND
amdryzen_5_7535hsMatch-
Node
amdryzen_5_7535u_firmwareRange<rembrandtpi-fp7_1.0.0.9b
AND
amdryzen_5_7535uMatch-
Node
amdryzen_3_7335u_firmwareRange<rembrandtpi-fp7_1.0.0.9b
AND
amdryzen_3_7335uMatch-
Node
amdryzen_9_pro_7940hs_firmwareRange<phoenixpi-fp8-fp7_1.0.0.2
AND
amdryzen_9_pro_7940hsMatch-
Node
amdryzen_9_7940h_firmwareRange<phoenixpi-fp8-fp7_1.0.0.2
AND
amdryzen_9_7940hMatch-
Node
amdryzen_7_pro_7840hs_firmwareRange<phoenixpi-fp8-fp7_1.0.0.2
AND
amdryzen_7_pro_7840hsMatch-
Node
amdryzen_7_7840h_firmwareRange<phoenixpi-fp8-fp7_1.0.0.2
AND
amdryzen_7_7840hMatch-
Node
amdryzen_7_pro_7840u_firmwareRange<phoenixpi-fp8-fp7_1.0.0.2
AND
amdryzen_7_pro_7840uMatch-
Node
amdryzen_5_pro_7640hs_firmwareRange<phoenixpi-fp8-fp7_1.0.0.2
AND
amdryzen_5_pro_7640hsMatch-
Node
amdryzen_5_7640h_firmwareRange<phoenixpi-fp8-fp7_1.0.0.2
AND
amdryzen_5_7640hMatch-
Node
amdryzen_5_pro_7640u_firmwareRange<phoenixpi-fp8-fp7_1.0.0.2
AND
amdryzen_5_pro_7640uMatch-
Node
amdryzen_5_pro_7545u_firmwareRange<phoenixpi-fp8-fp7_1.0.0.2
AND
amdryzen_5_pro_7545uMatch-
Node
amdryzen_5_pro_7540u_firmwareRange<phoenixpi-fp8-fp7_1.0.0.2
AND
amdryzen_5_pro_7540uMatch-
Node
amdryzen_3_7440u_firmwareRange<phoenixpi-fp8-fp7_1.0.0.2
AND
amdryzen_3_7440uMatch-
VendorProductVersionCPE
amdryzen_7_5700g_firmware*cpe:2.3:o:amd:ryzen_7_5700g_firmware:*:*:*:*:*:*:*:*
amdryzen_7_5700g-cpe:2.3:h:amd:ryzen_7_5700g:-:*:*:*:*:*:*:*
amdryzen_7_5700ge_firmware*cpe:2.3:o:amd:ryzen_7_5700ge_firmware:*:*:*:*:*:*:*:*
amdryzen_7_5700ge-cpe:2.3:h:amd:ryzen_7_5700ge:-:*:*:*:*:*:*:*
amdryzen_5_5600g_firmware*cpe:2.3:o:amd:ryzen_5_5600g_firmware:*:*:*:*:*:*:*:*
amdryzen_5_5600g-cpe:2.3:h:amd:ryzen_5_5600g:-:*:*:*:*:*:*:*
amdryzen_5_5600ge_firmware*cpe:2.3:o:amd:ryzen_5_5600ge_firmware:*:*:*:*:*:*:*:*
amdryzen_5_5600ge-cpe:2.3:h:amd:ryzen_5_5600ge:-:*:*:*:*:*:*:*
amdryzen_3_5300g_firmware*cpe:2.3:o:amd:ryzen_3_5300g_firmware:*:*:*:*:*:*:*:*
amdryzen_3_5300g-cpe:2.3:h:amd:ryzen_3_5300g:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 1281

Related

amd 1
prion 1
cvelist 1
hp 1
cve 1
amd
amd
AMD SMM Supervisor Vulnerability Security Notice
2023-11-14 00:00:00
prion
prion
Input validation
2023-11-14 19:15:00
cvelist
cvelist
CVE-2023-20596
2023-11-14 18:55:14
hp
hp
AMD SMM Supervisor November 2023 Security Update
2023-12-07 00:00:00
cve
cve
CVE-2023-20596
2023-11-14 19:15:16

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

48.9%

JSON
Related for NVD:CVE-2023-20596
amd1prion1cvelist1hp1cve1