CVE-2023-20596

Summary

Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
AMDRyzen™ 5000 Series Desktop Processor with Radeon™ Graphics Formerly codenamed “Cezanne” AM4variousaffected
AMDRyzen™ 7000 Series Desktop Processors with Radeon™ Graphics Formerly codenamed “Raphael”variousaffected
AMDRyzen™ 7000 Series Desktop Processors with Radeon™ Graphics Formerly codenamed “Raphael” X3Dvariousaffected
AMDRyzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne”variousaffected
AMDAMD Ryzen™ 6000 Series Processors with Radeon™ Graphics “Rembrandt”variousaffected
AMDAMD Ryzen™ 7035 Series Processors with Radeon™ Graphics “Rembrandt-R”variousaffected
AMDRyzen™ 7040 Series Mobile Processors with Radeon™ Graphics Formerly codenamed “Phoenix”variousaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References