VDB
CVE-2023-20566
CVE-2023-20566
PUBLISHED
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
EPSS 0.05% · 17.6th percentile
Risk Scores
EPSS Score
0.05%
17.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Lenovo | Lenovo Computer | |
| Oracle | Oracle Linux | |
| Dell | Dell Computer | |
| Dell | Dell BIOS | |
| Red Hat | Red Hat Enterprise Linux | |
| Open Source | Open Source CentOS | |
| IBM | IBM Power Hardware Management Console V10 | |
| AMD | AMD Prozessor | |
| HP | HP Computer | |
| HPE | HPE ProLiant | |
| Lenovo | Lenovo BIOS | |
| SUSE | SUSE Linux |
Timeline
- Nov 14, 2023 CVE Published
- Nov 15, 2023 EPSS Score
- Dec 15, 2023 EPSS Score
- Jan 14, 2024 EPSS Score
- Feb 14, 2024 EPSS Score
- Mar 15, 2024 EPSS Score
- Apr 14, 2024 EPSS Score
- May 14, 2024 EPSS Score
- Jun 13, 2024 EPSS Score
- Jul 13, 2024 EPSS Score
- Aug 13, 2024 EPSS Score
- Sep 12, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2916.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2916 advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3002.html advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4002.html advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3005.html advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7011.html advisory
- https://support.lenovo.com/de/de/product_security/ps500589-multi-vendor-bios-security-vulnerabilities-november-2023 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017285.html advisory
- https://www.dell.com/support/kbdoc/000220057/dsa-2023-= advisory
- https://www.dell.com/support/kbdoc/000220223/dsa-2023-= advisory
- https://www.dell.com/support/kbdoc/000220054/dsa-2023-= advisory
- https://support.hp.com/us-en/document/ish_9799938-9799975-16/HPSBHF03893 advisory
- https://www.dell.com/support/kbdoc/000218423/dsa-2023-= advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017397.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017401.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017396.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017402.html advisory
- https://support.hp.com/us-en/document/ish_9925738-9925742-16/HPSBHF03892 advisory
- https://access.redhat.com/errata/RHSA-2024:0753 advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5001.html advisory
…and 12 more