CVE-2023-20566

Summary

Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.

Affected Software

VendorProductVersion RangeStatus
AMD3rd Gen AMD EPYC™ Processorsvariousaffected
AMD4th Gen AMD EPYC™ Processorsvariousaffected
AMDAMD EPYC™ Embedded 7003variousaffected
AMDAMD EPYC™ Embedded 9003variousaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References