Search
Find a vulnerability
Search criteria
2 vulnerabilities found for AMD EPYC™ 7003 Series Processors by AMD
CVE-2023-20591 (GCVE-0-2023-20591)
Vulnerability from nvd – Published: 2024-08-13 16:53 – Updated: 2025-03-13 16:41
VLAI
Summary
Improper re-initialization of IOMMU during the DRTM event
may permit an untrusted platform configuration to persist, allowing an attacker
to read or modify hypervisor memory, potentially resulting in loss of
confidentiality, integrity, and availability.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-665 - Improper Initialization
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.amd.com/en/resources/product-security… | vendor-advisory |
Impacted products
8 products
| Vendor | Product | Version | |
|---|---|---|---|
| AMD | AMD EPYC™ 7003 Series Processors |
Unaffected:
MilanPI 1.0.0.B
(PI)
|
|
| AMD | AMD EPYC™ 9004 Series Processors |
Unaffected:
Genoa 1.0.0.8
|
|
| AMD | AMD EPYC™ Embedded 7003 Series Processors |
Unaffected:
EmbMilanPI-SP3 1.0.0.7
|
|
| AMD | AMD EPYC™ Embedded 9003 Series Processors |
Unaffected:
EmbGenoaPI-SP5 1.0.0.3
|
|
| amd | epyc_7003_firmware |
Affected:
0 , < milanpi_1.0.0.b
(custom)
cpe:2.3:o:amd:epyc_7003_firmware:*:*:*:*:*:*:*:* |
|
| amd | epyc_9003_firmware |
Affected:
0 , < genoapi_1.0.0.8
(custom)
cpe:2.3:o:amd:epyc_9003_firmware:*:*:*:*:*:*:*:* |
|
| amd | epyc_7773x_firmware |
Affected:
0 , < milanpi_1.0.0.b
(custom)
cpe:2.3:o:amd:epyc_7203_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7203p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_72f3_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7303_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7303p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7313p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7343_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7373x_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7413_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7443_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7443p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7453_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7473x_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_74f3_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7513_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7543_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7573x_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_75f3_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7643_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7643p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7663_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7663p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7713_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7713p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7763_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7773x_firmware:-:*:*:*:*:*:*:* |
|
| amd | epyc_9754s_firmware |
Affected:
0 , < genoapi_1.0.0.8
(custom)
cpe:2.3:o:amd:epyc_8024p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8024pn_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8124p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8124pn_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8224p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8224pn_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8324p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8324pn_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8434p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8434pn_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8534p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8534pn_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9124_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9174f_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9184x_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9224_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9254_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9274f_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9334_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9354_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9354p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9374f_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9384x_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9454_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9454p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9474f_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9534_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9554_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9554p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9634_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9654_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9654p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9684x_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9734_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9754_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9754s_firmware:-:*:*:*:*:*:*:* |
Date Public
2024-08-13 16:00
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:amd:epyc_7003_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "epyc_7003_firmware",
"vendor": "amd",
"versions": [
{
"lessThan": "milanpi_1.0.0.b",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:amd:epyc_9003_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "epyc_9003_firmware",
"vendor": "amd",
"versions": [
{
"lessThan": "genoapi_1.0.0.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:amd:epyc_7203_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7203p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_72f3_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7303_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7303p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7313p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7343_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7373x_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7413_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7443_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7443p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7453_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7473x_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_74f3_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7513_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7543_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7573x_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_75f3_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7643_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7643p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7663_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7663p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7713_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7713p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7763_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7773x_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "epyc_7773x_firmware",
"vendor": "amd",
"versions": [
{
"lessThan": "milanpi_1.0.0.b",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:amd:epyc_8024p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8024pn_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8124p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8124pn_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8224p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8224pn_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8324p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8324pn_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8434p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8434pn_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8534p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8534pn_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9124_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9174f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9184x_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9224_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9254_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9274f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9334_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9354_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9354p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9374f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9384x_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9454_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9454p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9474f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9534_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9554_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9554p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9634_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9654_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9654p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9684x_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9734_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9754_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9754s_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "epyc_9754s_firmware",
"vendor": "amd",
"versions": [
{
"lessThan": "genoapi_1.0.0.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20591",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T13:13:17.696799Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-665",
"description": "CWE-665 Improper Initialization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T16:41:15.645Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 7003 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "MilanPI 1.0.0.B",
"versionType": "PI"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Genoa 1.0.0.8"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbMilanPI-SP3 1.0.0.7"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9003 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.3"
}
]
}
],
"datePublic": "2024-08-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper re-initialization of IOMMU during the DRTM event\nmay permit an untrusted platform configuration to persist, allowing an attacker\nto read or modify hypervisor memory, potentially resulting in loss of\nconfidentiality, integrity, and availability.\n\n\n\n\n\n\n\n\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
}
],
"value": "Improper re-initialization of IOMMU during the DRTM event\nmay permit an untrusted platform configuration to persist, allowing an attacker\nto read or modify hypervisor memory, potentially resulting in loss of\nconfidentiality, integrity, and availability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T16:53:23.681Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
}
],
"source": {
"advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2023-20591",
"datePublished": "2024-08-13T16:53:23.681Z",
"dateReserved": "2022-10-27T18:53:39.761Z",
"dateUpdated": "2025-03-13T16:41:15.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20591 (GCVE-0-2023-20591)
Vulnerability from cvelistv5 – Published: 2024-08-13 16:53 – Updated: 2025-03-13 16:41
VLAI
Summary
Improper re-initialization of IOMMU during the DRTM event
may permit an untrusted platform configuration to persist, allowing an attacker
to read or modify hypervisor memory, potentially resulting in loss of
confidentiality, integrity, and availability.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-665 - Improper Initialization
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.amd.com/en/resources/product-security… | vendor-advisory |
Impacted products
8 products
| Vendor | Product | Version | |
|---|---|---|---|
| AMD | AMD EPYC™ 7003 Series Processors |
Unaffected:
MilanPI 1.0.0.B
(PI)
|
|
| AMD | AMD EPYC™ 9004 Series Processors |
Unaffected:
Genoa 1.0.0.8
|
|
| AMD | AMD EPYC™ Embedded 7003 Series Processors |
Unaffected:
EmbMilanPI-SP3 1.0.0.7
|
|
| AMD | AMD EPYC™ Embedded 9003 Series Processors |
Unaffected:
EmbGenoaPI-SP5 1.0.0.3
|
|
| amd | epyc_7003_firmware |
Affected:
0 , < milanpi_1.0.0.b
(custom)
cpe:2.3:o:amd:epyc_7003_firmware:*:*:*:*:*:*:*:* |
|
| amd | epyc_9003_firmware |
Affected:
0 , < genoapi_1.0.0.8
(custom)
cpe:2.3:o:amd:epyc_9003_firmware:*:*:*:*:*:*:*:* |
|
| amd | epyc_7773x_firmware |
Affected:
0 , < milanpi_1.0.0.b
(custom)
cpe:2.3:o:amd:epyc_7203_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7203p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_72f3_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7303_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7303p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7313p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7343_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7373x_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7413_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7443_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7443p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7453_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7473x_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_74f3_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7513_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7543_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7573x_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_75f3_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7643_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7643p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7663_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7663p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7713_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7713p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7763_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_7773x_firmware:-:*:*:*:*:*:*:* |
|
| amd | epyc_9754s_firmware |
Affected:
0 , < genoapi_1.0.0.8
(custom)
cpe:2.3:o:amd:epyc_8024p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8024pn_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8124p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8124pn_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8224p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8224pn_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8324p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8324pn_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8434p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8434pn_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8534p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_8534pn_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9124_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9174f_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9184x_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9224_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9254_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9274f_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9334_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9354_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9354p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9374f_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9384x_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9454_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9454p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9474f_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9534_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9554_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9554p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9634_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9654_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9654p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9684x_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9734_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9754_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:amd:epyc_9754s_firmware:-:*:*:*:*:*:*:* |
Date Public
2024-08-13 16:00
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:amd:epyc_7003_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "epyc_7003_firmware",
"vendor": "amd",
"versions": [
{
"lessThan": "milanpi_1.0.0.b",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:amd:epyc_9003_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "epyc_9003_firmware",
"vendor": "amd",
"versions": [
{
"lessThan": "genoapi_1.0.0.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:amd:epyc_7203_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7203p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_72f3_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7303_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7303p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7313p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7343_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7373x_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7413_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7443_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7443p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7453_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7473x_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_74f3_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7513_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7543_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7573x_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_75f3_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7643_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7643p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7663_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7663p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7713_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7713p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7763_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_7773x_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "epyc_7773x_firmware",
"vendor": "amd",
"versions": [
{
"lessThan": "milanpi_1.0.0.b",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:amd:epyc_8024p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8024pn_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8124p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8124pn_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8224p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8224pn_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8324p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8324pn_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8434p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8434pn_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8534p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_8534pn_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9124_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9174f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9184x_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9224_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9254_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9274f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9334_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9354_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9354p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9374f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9384x_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9454_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9454p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9474f_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9534_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9554_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9554p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9634_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9654_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9654p_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9684x_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9734_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9754_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:amd:epyc_9754s_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "epyc_9754s_firmware",
"vendor": "amd",
"versions": [
{
"lessThan": "genoapi_1.0.0.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20591",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T13:13:17.696799Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-665",
"description": "CWE-665 Improper Initialization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T16:41:15.645Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 7003 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "MilanPI 1.0.0.B",
"versionType": "PI"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 9004 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "Genoa 1.0.0.8"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbMilanPI-SP3 1.0.0.7"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD EPYC\u2122 Embedded 9003 Series Processors",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "EmbGenoaPI-SP5 1.0.0.3"
}
]
}
],
"datePublic": "2024-08-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper re-initialization of IOMMU during the DRTM event\nmay permit an untrusted platform configuration to persist, allowing an attacker\nto read or modify hypervisor memory, potentially resulting in loss of\nconfidentiality, integrity, and availability.\n\n\n\n\n\n\n\n\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
}
],
"value": "Improper re-initialization of IOMMU during the DRTM event\nmay permit an untrusted platform configuration to persist, allowing an attacker\nto read or modify hypervisor memory, potentially resulting in loss of\nconfidentiality, integrity, and availability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T16:53:23.681Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
}
],
"source": {
"advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2023-20591",
"datePublished": "2024-08-13T16:53:23.681Z",
"dateReserved": "2022-10-27T18:53:39.761Z",
"dateUpdated": "2025-03-13T16:41:15.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}