VDB
CVE-2023-20571
CVE-2023-20571
PUBLISHED
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
EPSS 0.33% · 55.9th percentile
Risk Scores
EPSS Score
0.33%
55.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Lenovo | Lenovo BIOS | |
| Open Source | Open Source CentOS | |
| SUSE | SUSE Linux | |
| Oracle | Oracle Linux | |
| Dell | Dell BIOS | |
| Red Hat | Red Hat Enterprise Linux | |
| IBM | IBM Power Hardware Management Console V10 | |
| Dell | Dell Computer | |
| AMD | AMD Prozessor | |
| HPE | HPE ProLiant | |
| Lenovo | Lenovo Computer | |
| HP | HP Computer |
Timeline
- Nov 14, 2023 CVE Published
- Nov 15, 2023 EPSS Score
- Dec 15, 2023 EPSS Score
- Jan 14, 2024 EPSS Score
- Feb 14, 2024 EPSS Score
- Mar 15, 2024 EPSS Score
- Apr 14, 2024 EPSS Score
- May 14, 2024 EPSS Score
- Jun 13, 2024 EPSS Score
- Jul 13, 2024 EPSS Score
- Aug 2, 2024 CVE Updated
- Aug 13, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2916.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2916 advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3002.html advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4002.html advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3005.html advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7011.html advisory
- https://support.lenovo.com/de/de/product_security/ps500589-multi-vendor-bios-security-vulnerabilities-november-2023 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017285.html advisory
- https://www.dell.com/support/kbdoc/000220057/dsa-2023-= advisory
- https://www.dell.com/support/kbdoc/000220223/dsa-2023-= advisory
- https://www.dell.com/support/kbdoc/000220054/dsa-2023-= advisory
- https://support.hp.com/us-en/document/ish_9799938-9799975-16/HPSBHF03893 advisory
- https://www.dell.com/support/kbdoc/000218423/dsa-2023-= advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017397.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017401.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017396.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017402.html advisory
- https://support.hp.com/us-en/document/ish_9925738-9925742-16/HPSBHF03892 advisory
- https://access.redhat.com/errata/RHSA-2024:0753 advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5001.html advisory
…and 12 more