CVE-2023-20559 | Severity.io

Description

Insufficient control flow management in AmdCpmGpioInitSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to escalation of privileges.

Related CPE's

ryzen_7_5700g_firmware

Vulnerable

ryzen_7_5700ge_firmware

Vulnerable

ryzen_5_5600g_firmware

Vulnerable

ryzen_5_5600ge_firmware

Vulnerable

ryzen_3_5300g_firmware

Vulnerable

ryzen_3_5300ge_firmware

Vulnerable

ryzen_9_5980hx_firmware

Vulnerable

ryzen_9_5980hs_firmware

Vulnerable

ryzen_7_5825u_firmware

Vulnerable

ryzen_9_5900hx_firmware

Vulnerable

ryzen_9_5900hs_firmware

Vulnerable

ryzen_7_5825c_firmware

Vulnerable

ryzen_7_5800h_firmware

Vulnerable

ryzen_5_5625u_firmware

Vulnerable

ryzen_7_5800hs_firmware

Vulnerable

ryzen_5_5625c_firmware

Vulnerable

ryzen_5_5600h_firmware

Vulnerable

ryzen_5_5600hs_firmware

Vulnerable

ryzen_7_5800u_firmware

Vulnerable

ryzen_5_5600u_firmware

Vulnerable

ryzen_5_5560u_firmware

Vulnerable

ryzen_3_5425u_firmware

Vulnerable

ryzen_3_5425c_firmware

Vulnerable

ryzen_3_5400u_firmware

Vulnerable

ryzen_3_5125c_firmware

Vulnerable

athlon_silver_3050u_firmware

Vulnerable

athlon_silver_3050u

athlon_gold_3150u_firmware

Vulnerable

athlon_gold_3150u

ryzen_3_3200u_firmware

Vulnerable

ryzen_3_3250u_firmware

Vulnerable

ryzen_3_3300u_firmware

Vulnerable

ryzen_3_3350u_firmware

Vulnerable

ryzen_3_3450u_firmware

Vulnerable

ryzen_3_3500u_firmware

Vulnerable

ryzen_3_3500c_firmware

Vulnerable

ryzen_3_3550h_firmware

Vulnerable

ryzen_3_3580u_firmware

Vulnerable

ryzen_3_3700u_firmware

Vulnerable

ryzen_3_3700c_firmware

Vulnerable

ryzen_3_3750h_firmware

Vulnerable

ryzen_3_3780u_firmware

Vulnerable

ryzen_3_2200u_firmware

Vulnerable

ryzen_3_2300u_firmware

Vulnerable

ryzen_5_2500u_firmware

Vulnerable

ryzen_5_2600_firmware

Vulnerable

ryzen_5_2600h_firmware

Vulnerable

ryzen_5_2600x_firmware

Vulnerable

ryzen_5_2700_firmware

Vulnerable

ryzen_5_2700x_firmware

Vulnerable

ryzen_7_2700_firmware

Vulnerable

ryzen_7_2700u_firmware

Vulnerable

ryzen_7_2700x_firmware

Vulnerable

ryzen_7_2800h_firmware

Vulnerable

ryzen_3_3300x_firmware

Vulnerable

ryzen_5_3500_firmware

Vulnerable

ryzen_5_3500x_firmware

Vulnerable

ryzen_5_3600_firmware

Vulnerable

ryzen_5_3600x_firmware

Vulnerable

ryzen_5_3600xt_firmware

Vulnerable

ryzen_7_3700x_firmware

Vulnerable

ryzen_7_3800x_firmware

Vulnerable

ryzen_7_3800xt_firmware

Vulnerable

ryzen_9_3900_firmware

Vulnerable

ryzen_9_3900x_firmware

Vulnerable

ryzen_9_3900xt_firmware

Vulnerable

ryzen_9_3950x_firmware

Vulnerable

ryzen_9_pro_3900_firmware

Vulnerable

ryzen_9_pro_3900

ryzen_threadripper_2990wx_firmware

Vulnerable

ryzen_threadripper_2990wx

ryzen_threadripper_2970wx_firmware

Vulnerable

ryzen_threadripper_2970wx

ryzen_threadripper_2950x_firmware

Vulnerable

ryzen_threadripper_2950x

ryzen_threadripper_2920x_firmware

Vulnerable

ryzen_threadripper_2920x

ryzen_threadripper_3990x_firmware

Vulnerable

ryzen_threadripper_3990x

ryzen_threadripper_3970x_firmware

Vulnerable

ryzen_threadripper_3970x

ryzen_threadripper_3960x_firmware

Vulnerable

ryzen_threadripper_3960x

ryzen_threadripper_pro_3795wx_firmware

Vulnerable

ryzen_threadripper_pro_3795wx

ryzen_threadripper_pro_3945wx_firmware

Vulnerable

ryzen_threadripper_pro_3945wx

ryzen_threadripper_pro_3955wx_firmware

Vulnerable

ryzen_threadripper_pro_3955wx

ryzen_threadripper_pro_3975wx_firmware

Vulnerable

ryzen_threadripper_pro_3975wx

ryzen_threadripper_pro_3995wx_firmware

Vulnerable

ryzen_threadripper_pro_3995wx

ryzen_threadripper_pro_5945wx_firmware

Vulnerable

ryzen_threadripper_pro_5945wx

ryzen_threadripper_pro_5955wx_firmware

Vulnerable

ryzen_threadripper_pro_5955wx

ryzen_threadripper_pro_5965wx_firmware

Vulnerable

ryzen_threadripper_pro_5965wx

ryzen_threadripper_pro_5975wx_firmware

Vulnerable

ryzen_threadripper_pro_5975wx

ryzen_threadripper_pro_5995wx_firmware

Vulnerable

ryzen_threadripper_pro_5995wx

ryzen_7_4700g_firmware

Vulnerable

ryzen_7_4700ge_firmware

Vulnerable

ryzen_5_4600g_firmware

Vulnerable

ryzen_5_4600ge_firmware

Vulnerable

ryzen_3_4300g_firmware

Vulnerable

ryzen_3_4300ge_firmware

Vulnerable

References

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-1027.html

Vendor Advisory

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-1027.html

Vendor Advisory

Weaknesses

[email protected]

Primary

NVD-CWE-noinfo

134c704f-9b21-4f2e-91b3-4a467353bcc0

Secondary

CWE-691

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.8 · High

CVSS V3.1
CVSS V3.0
CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-04-02T21:15:08.510

2 years ago

Last modified

2025-02-25T17:15:11.553

4 months ago