CVE-2023-20555 | Severity.io

Description

Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM.

Related CPE's

o

amd

ryzen_3_3300_firmware

2

h

amd

ryzen_3_3300

2

o

amd

ryzen_3_3300x_firmware

2

h

amd

ryzen_3_3300x

2

o

amd

ryzen_5_3600_firmware

2

h

amd

ryzen_5_3600

2

o

amd

ryzen_5_3600x_firmware

2

h

amd

ryzen_5_3600x

2

o

amd

ryzen_7_3700_firmware

2

h

amd

ryzen_7_3700

2

o

amd

ryzen_7_3700x_firmware

2

h

amd

ryzen_7_3700x

2

o

amd

ryzen_9_3800x_firmware

2

h

amd

ryzen_9_3800x

2

o

amd

ryzen_9_3850x_firmware

2

h

amd

ryzen_9_3850x

2

ryzen_9_5950x_firmware

Vulnerable

ryzen_9_5900x_firmware

Vulnerable

ryzen_9_5900_firmware

Vulnerable

ryzen_9_pro_5945_firmware

Vulnerable

ryzen_9_pro_5945

ryzen_7_5800x3d_firmware

Vulnerable

ryzen_7_5800x3d

ryzen_7_5800x_firmware

Vulnerable

ryzen_7_5800_firmware

Vulnerable

ryzen_7_5700x_firmware

Vulnerable

ryzen_7_pro_5845_firmware

Vulnerable

ryzen_7_pro_5845

ryzen_5_5600x3d_firmware

Vulnerable

ryzen_5_5600x3d

ryzen_5_5600x_firmware

Vulnerable

ryzen_5_5600_firmware

Vulnerable

ryzen_5_pro_5645_firmware

Vulnerable

ryzen_5_pro_5645

ryzen_7_5700_firmware

Vulnerable

ryzen_5_5500_firmware

Vulnerable

ryzen_3_5100_firmware

Vulnerable

ryzen_7_5700g_firmware

Vulnerable

ryzen_7_5700ge_firmware

Vulnerable

ryzen_5_5600g_firmware

Vulnerable

ryzen_5_5600ge_firmware

Vulnerable

ryzen_3_5300g_firmware

Vulnerable

ryzen_3_5300ge_firmware

Vulnerable

ryzen_9_7950x3d_firmware

Vulnerable

ryzen_9_7950x3d

ryzen_9_7950x_firmware

Vulnerable

ryzen_9_7900x3d_firmware

Vulnerable

ryzen_9_7900x3d

ryzen_9_7900x_firmware

Vulnerable

ryzen_9_7900_firmware

Vulnerable

ryzen_9_pro_7945_firmware

Vulnerable

ryzen_9_pro_7945

ryzen_7_7800x3d_firmware

Vulnerable

ryzen_7_7800x3d

ryzen_7_7700x_firmware

Vulnerable

ryzen_7_7700_firmware

Vulnerable

ryzen_7_pro_7745_firmware

Vulnerable

ryzen_7_pro_7745

ryzen_5_7600x_firmware

Vulnerable

ryzen_5_7600_firmware

Vulnerable

ryzen_5_pro_7645_firmware

Vulnerable

ryzen_5_pro_7645

ryzen_5_7500f_firmware

Vulnerable

ryzen_4700s_firmware

Vulnerable

ryzen_5_4500_firmware

Vulnerable

ryzen_3_4100_firmware

Vulnerable

o

amd

athlon_pro_300ge_firmware

2

h

amd

athlon_pro_300ge

2

o

amd

athlon_gold_3150ge_firmware

2

h

amd

athlon_gold_3150ge

2

o

amd

athlon_gold_pro_3150ge_firmware

2

h

amd

athlon_gold_pro_3150ge

2

o

amd

athlon_gold_3150g_firmware

2

h

amd

athlon_gold_3150g

2

o

amd

athlon_gold_pro_3150g_firmware

2

h

amd

athlon_gold_pro_3150g

2

athlon_silver_3050e_firmware

Vulnerable

athlon_silver_3050e

athlon_pro_3045b_firmware

Vulnerable

athlon_pro_3045b

athlon_silver_3050u_firmware

Vulnerable

athlon_silver_3050u

athlon_silver_3050c_firmware

Vulnerable

athlon_silver_3050c

athlon_pro_3145b_firmware

Vulnerable

athlon_pro_3145b

athlon_gold_3150u_firmware

Vulnerable

athlon_gold_3150u

athlon_gold_3150c_firmware

Vulnerable

athlon_gold_3150c

athlon_3015e_firmware

Vulnerable

athlon_3015ce_firmware

Vulnerable

ryzen_7_3780u_firmware

Vulnerable

ryzen_7_3750h_firmware

Vulnerable

ryzen_7_3700c_firmware

Vulnerable

ryzen_7_3700u_firmware

Vulnerable

ryzen_5_3580u_firmware

Vulnerable

ryzen_5_3550h_firmware

Vulnerable

ryzen_5_3500c_firmware

Vulnerable

ryzen_5_3500u_firmware

Vulnerable

ryzen_5_3450u_firmware

Vulnerable

ryzen_3_3350u_firmware

Vulnerable

ryzen_3_3300u_firmware

Vulnerable

ryzen_9_4900h_firmware

Vulnerable

ryzen_9_4900hs_firmware

Vulnerable

ryzen_7_4800h_firmware

Vulnerable

ryzen_7_4800hs_firmware

Vulnerable

ryzen_7_4980u_firmware

Vulnerable

ryzen_7_4800u_firmware

Vulnerable

ryzen_7_4700u_firmware

Vulnerable

ryzen_5_4600h_firmware

Vulnerable

ryzen_5_4600hs_firmware

Vulnerable

ryzen_5_4680u_firmware

Vulnerable

ryzen_5_4600u_firmware

Vulnerable

ryzen_5_4500u_firmware

Vulnerable

ryzen_3_4300u_firmware

Vulnerable

ryzen_7_5700u_firmware

Vulnerable

ryzen_5_5500u_firmware

Vulnerable

ryzen_3_5300u_firmware

Vulnerable

ryzen_9_5980hx_firmware

Vulnerable

ryzen_9_5980hs_firmware

Vulnerable

ryzen_9_5900hx_firmware

Vulnerable

ryzen_9_5900hs_firmware

Vulnerable

ryzen_7_5800h_firmware

Vulnerable

ryzen_7_5800hs_firmware

Vulnerable

ryzen_7_5825u_firmware

Vulnerable

ryzen_7_5800u_firmware

Vulnerable

ryzen_5_5600h_firmware

Vulnerable

ryzen_5_5600hs_firmware

Vulnerable

ryzen_5_5625u_firmware

Vulnerable

ryzen_5_5600u_firmware

Vulnerable

ryzen_5_5560u_firmware

Vulnerable

ryzen_3_5425u_firmware

Vulnerable

ryzen_3_5400u_firmware

Vulnerable

ryzen_3_5125c_firmware

Vulnerable

ryzen_9_6980hx_firmware

Vulnerable

ryzen_9_6980hs_firmware

Vulnerable

ryzen_9_6900hx_firmware

Vulnerable

ryzen_9_6900hs_firmware

Vulnerable

ryzen_7_6800h_firmware

Vulnerable

ryzen_7_6800hs_firmware

Vulnerable

ryzen_7_6800u_firmware

Vulnerable

ryzen_5_6600h_firmware

Vulnerable

ryzen_5_6600hs_firmware

Vulnerable

ryzen_5_6600u_firmware

Vulnerable

ryzen_5_7520u_firmware

Vulnerable

ryzen_3_7320u_firmware

Vulnerable

ryzen_7_pro_7730u_firmware

Vulnerable

ryzen_7_pro_7730u

ryzen_5_pro_7530u_firmware

Vulnerable

ryzen_5_pro_7530u

ryzen_3_pro_7330u_firmware

Vulnerable

ryzen_3_pro_7330u

References

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4003

Vendor Advisory

Weaknesses

[email protected]

Primary

CWE-787

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 · High

CVSS V3.1
CVSS V3.0
CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2023-08-08T18:15:11.173

11 months ago

Last modified

2023-08-21T16:56:48.850

11 months ago