CVE-2023-20579
4.4
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Summary
Improper Access Control in the AMD SPI protection feature may allow a user with Ring0 (kernel mode) privileged access to bypass protections potentially resulting in loss of integrity and availability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| AMD | AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics | various | affected |
| AMD | AMD Ryzen™ 7000 Series Desktop Processor | Various | affected |
| AMD | AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics | various | affected |
| AMD | AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics | various | affected |
| AMD | AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics | various | affected |
| AMD | AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics | various | affected |
| AMD | AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics | various | affected |
| AMD | AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics | various | affected |
| AMD | AMD Ryzen™ 7045 Series Mobile Processors | various | affected |
| AMD | AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics | various | affected |
| AMD | AMD Ryzen™ Embedded V2000 | various | affected |
| AMD | AMD Ryzen™ Embedded V3000 | various | affected |
| AMD | AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics | various | affected |
| AMD | AMD Ryzen™ 7035 Series Mobile Processors with Radeon™ Graphics | various | affected |
| AMD | AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics | various | affected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.