Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for AMD EPYC™ 7003 Series Processors by AMD

    CVE-2023-20591 (GCVE-0-2023-20591)

    Vulnerability from nvd – Published: 2024-08-13 16:53 – Updated: 2025-03-13 16:41
    VLAI
    Summary
    Improper re-initialization of IOMMU during the DRTM event may permit an untrusted platform configuration to persist, allowing an attacker to read or modify hypervisor memory, potentially resulting in loss of confidentiality, integrity, and availability.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-665 - Improper Initialization
    Assigner
    AMD
    References
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7003 Series Processors Unaffected: MilanPI 1.0.0.B (PI)
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Series Processors Unaffected: Genoa 1.0.0.8
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Unaffected: EmbMilanPI-SP3 1.0.0.7
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9003 Series Processors Unaffected: EmbGenoaPI-SP5 1.0.0.3
    Create a notification for this product.
    amd epyc_7003_firmware Affected: 0 , < milanpi_1.0.0.b (custom)
        cpe:2.3:o:amd:epyc_7003_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd epyc_9003_firmware Affected: 0 , < genoapi_1.0.0.8 (custom)
        cpe:2.3:o:amd:epyc_9003_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd epyc_7773x_firmware Affected: 0 , < milanpi_1.0.0.b (custom)
        cpe:2.3:o:amd:epyc_7203_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7203p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_72f3_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7303_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7303p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7313p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7343_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7373x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7413_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7443_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7443p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7453_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7473x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_74f3_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7513_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7543_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7573x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_75f3_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7643_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7643p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7663_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7663p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7713_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7713p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7763_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7773x_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd epyc_9754s_firmware Affected: 0 , < genoapi_1.0.0.8 (custom)
        cpe:2.3:o:amd:epyc_8024p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8024pn_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8124p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8124pn_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8224p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8224pn_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8324p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8324pn_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8434p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8434pn_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8534p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8534pn_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9124_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9174f_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9184x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9224_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9254_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9274f_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9334_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9354_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9354p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9374f_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9384x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9454_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9454p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9474f_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9534_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9554_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9554p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9634_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9654_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9654p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9684x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9734_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9754_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9754s_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:amd:epyc_7003_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "epyc_7003_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "milanpi_1.0.0.b",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:epyc_9003_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "epyc_9003_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "genoapi_1.0.0.8",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:epyc_7203_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7203p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_72f3_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7303_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7303p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7313p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7343_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7373x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7413_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7443_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7443p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7453_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7473x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_74f3_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7513_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7543_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7573x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_75f3_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7643_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7643p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7663_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7663p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7713_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7713p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7763_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7773x_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "epyc_7773x_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "milanpi_1.0.0.b",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:epyc_8024p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8024pn_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8124p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8124pn_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8224p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8224pn_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8324p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8324pn_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8434p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8434pn_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8534p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8534pn_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9124_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9174f_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9184x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9224_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9254_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9274f_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9334_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9354_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9354p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9374f_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9384x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9454_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9454p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9474f_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9534_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9554_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9554p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9634_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9654_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9654p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9684x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9734_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9754_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9754s_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "epyc_9754s_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "genoapi_1.0.0.8",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20591",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-14T13:13:17.696799Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-665",
                    "description": "CWE-665 Improper Initialization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-13T16:41:15.645Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003  Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI 1.0.0.B",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Genoa 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5  1.0.0.3"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper re-initialization of IOMMU during the DRTM event\nmay permit an untrusted platform configuration to persist, allowing an attacker\nto read or modify hypervisor memory, potentially resulting in loss of\nconfidentiality, integrity, and availability.\n\n\n\n\n\n\n\n\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "Improper re-initialization of IOMMU during the DRTM event\nmay permit an untrusted platform configuration to persist, allowing an attacker\nto read or modify hypervisor memory, potentially resulting in loss of\nconfidentiality, integrity, and availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:53:23.681Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20591",
        "datePublished": "2024-08-13T16:53:23.681Z",
        "dateReserved": "2022-10-27T18:53:39.761Z",
        "dateUpdated": "2025-03-13T16:41:15.645Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20591 (GCVE-0-2023-20591)

    Vulnerability from cvelistv5 – Published: 2024-08-13 16:53 – Updated: 2025-03-13 16:41
    VLAI
    Summary
    Improper re-initialization of IOMMU during the DRTM event may permit an untrusted platform configuration to persist, allowing an attacker to read or modify hypervisor memory, potentially resulting in loss of confidentiality, integrity, and availability.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-665 - Improper Initialization
    Assigner
    AMD
    References
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7003 Series Processors Unaffected: MilanPI 1.0.0.B (PI)
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Series Processors Unaffected: Genoa 1.0.0.8
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Unaffected: EmbMilanPI-SP3 1.0.0.7
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9003 Series Processors Unaffected: EmbGenoaPI-SP5 1.0.0.3
    Create a notification for this product.
    amd epyc_7003_firmware Affected: 0 , < milanpi_1.0.0.b (custom)
        cpe:2.3:o:amd:epyc_7003_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd epyc_9003_firmware Affected: 0 , < genoapi_1.0.0.8 (custom)
        cpe:2.3:o:amd:epyc_9003_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    amd epyc_7773x_firmware Affected: 0 , < milanpi_1.0.0.b (custom)
        cpe:2.3:o:amd:epyc_7203_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7203p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_72f3_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7303_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7303p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7313p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7343_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7373x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7413_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7443_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7443p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7453_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7473x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_74f3_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7513_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7543_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7573x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_75f3_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7643_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7643p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7663_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7663p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7713_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7713p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7763_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_7773x_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd epyc_9754s_firmware Affected: 0 , < genoapi_1.0.0.8 (custom)
        cpe:2.3:o:amd:epyc_8024p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8024pn_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8124p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8124pn_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8224p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8224pn_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8324p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8324pn_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8434p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8434pn_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8534p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_8534pn_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9124_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9174f_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9184x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9224_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9254_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9274f_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9334_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9354_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9354p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9374f_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9384x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9454_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9454p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9474f_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9534_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9554_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9554p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9634_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9654_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9654p_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9684x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9734_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9754_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:epyc_9754s_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:amd:epyc_7003_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "epyc_7003_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "milanpi_1.0.0.b",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:epyc_9003_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "epyc_9003_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "genoapi_1.0.0.8",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:epyc_7203_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7203p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_72f3_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7303_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7303p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7313p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7343_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7373x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7413_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7443_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7443p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7453_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7473x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_74f3_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7513_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7543_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7573x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_75f3_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7643_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7643p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7663_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7663p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7713_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7713p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7763_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_7773x_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "epyc_7773x_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "milanpi_1.0.0.b",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:epyc_8024p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8024pn_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8124p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8124pn_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8224p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8224pn_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8324p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8324pn_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8434p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8434pn_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8534p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_8534pn_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9124_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9174f_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9184x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9224_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9254_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9274f_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9334_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9354_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9354p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9374f_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9384x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9454_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9454p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9474f_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9534_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9554_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9554p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9634_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9654_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9654p_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9684x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9734_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9754_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:epyc_9754s_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "epyc_9754s_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "genoapi_1.0.0.8",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20591",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-14T13:13:17.696799Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-665",
                    "description": "CWE-665 Improper Initialization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-13T16:41:15.645Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003  Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI 1.0.0.B",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Genoa 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5  1.0.0.3"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper re-initialization of IOMMU during the DRTM event\nmay permit an untrusted platform configuration to persist, allowing an attacker\nto read or modify hypervisor memory, potentially resulting in loss of\nconfidentiality, integrity, and availability.\n\n\n\n\n\n\n\n\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "Improper re-initialization of IOMMU during the DRTM event\nmay permit an untrusted platform configuration to persist, allowing an attacker\nto read or modify hypervisor memory, potentially resulting in loss of\nconfidentiality, integrity, and availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:53:23.681Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20591",
        "datePublished": "2024-08-13T16:53:23.681Z",
        "dateReserved": "2022-10-27T18:53:39.761Z",
        "dateUpdated": "2025-03-13T16:41:15.645Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }