VDB
CVE-2023-20519
CVE-2023-20519
PUBLISHED
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
EPSS 0.06% · 18.8th percentile
Risk Scores
EPSS Score
0.06%
18.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Oracle Linux | |
| HP | HP Computer | |
| Open Source | Open Source CentOS | |
| Red Hat | Red Hat Enterprise Linux | |
| Lenovo | Lenovo Computer | |
| AMD | AMD Prozessor | |
| HPE | HPE ProLiant | |
| Lenovo | Lenovo BIOS | |
| SUSE | SUSE Linux | |
| Dell | Dell BIOS | |
| IBM | IBM Power Hardware Management Console V10 | |
| Dell | Dell Computer |
Timeline
- Nov 14, 2023 CVE Published
- Nov 15, 2023 EPSS Score
- Dec 15, 2023 EPSS Score
- Jan 14, 2024 EPSS Score
- Feb 14, 2024 EPSS Score
- Mar 15, 2024 EPSS Score
- Apr 14, 2024 EPSS Score
- May 14, 2024 EPSS Score
- Jun 13, 2024 EPSS Score
- Jul 13, 2024 EPSS Score
- Aug 13, 2024 EPSS Score
- Aug 30, 2024 CVE Updated
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2916.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2916 advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3002.html advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4002.html advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3005.html advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7011.html advisory
- https://support.lenovo.com/de/de/product_security/ps500589-multi-vendor-bios-security-vulnerabilities-november-2023 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017285.html advisory
- https://www.dell.com/support/kbdoc/000220057/dsa-2023-= advisory
- https://www.dell.com/support/kbdoc/000220223/dsa-2023-= advisory
- https://www.dell.com/support/kbdoc/000220054/dsa-2023-= advisory
- https://support.hp.com/us-en/document/ish_9799938-9799975-16/HPSBHF03893 advisory
- https://www.dell.com/support/kbdoc/000218423/dsa-2023-= advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017397.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017401.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017396.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017402.html advisory
- https://support.hp.com/us-en/document/ish_9925738-9925742-16/HPSBHF03892 advisory
- https://access.redhat.com/errata/RHSA-2024:0753 advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5001.html advisory
…and 12 more