CVE-2023-20591

CRITICAL EPSS 21.6%

Published Aug 13, 20241y ago · Modified Jun 17, 20261w ago

10.0 CVSS 3.1

Critical

Published Aug 13, 2024 1y ago

Last Modified Jun 17, 2026 1w ago

Description

Improper re-initialization of IOMMU during the DRTM event may permit an untrusted platform configuration to persist, allowing an attacker to read or modify hypervisor memory, potentially resulting in loss of confidentiality, integrity, and availability.

CVSS Details

Base Score

10.0

Exploitability

3.9

Impact

6.0

Vector string

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector Network

Attack Complexity Low

Privileges Required None

User Interaction None

Scope Changed

Confidentiality High

Integrity High

Availability High

Threat Intelligence

EPSS Exploit Probability

21.6% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-665

Affected Products 130

Vendor	Product	Version	Range
amd	epyc_8024pn_firmware	*	<genoapi_1.0.0.8
amd	epyc_8024pn	*	any
amd	epyc_8024p_firmware	*	<genoapi_1.0.0.8
amd	epyc_8024p	*	any
amd	epyc_8124pn_firmware	*	<genoapi_1.0.0.8
amd	epyc_8124pn	*	any
amd	epyc_8124p_firmware	*	<genoapi_1.0.0.8
amd	epyc_8124p	*	any
amd	epyc_8224pn_firmware	*	<genoapi_1.0.0.8
amd	epyc_8224pn	*	any
amd	epyc_8224p_firmware	*	<genoapi_1.0.0.8
amd	epyc_8224p	*	any
amd	epyc_8324pn_firmware	*	<genoapi_1.0.0.8
amd	epyc_8324pn	*	any
amd	epyc_8324p_firmware	*	<genoapi_1.0.0.8
amd	epyc_8324p	*	any
amd	epyc_8434pn_firmware	*	<genoapi_1.0.0.8
amd	epyc_8434pn	*	any
amd	epyc_8434p_firmware	*	<genoapi_1.0.0.8
amd	epyc_8434p	*	any
amd	epyc_8534pn_firmware	*	<genoapi_1.0.0.8
amd	epyc_8534pn	*	any
amd	epyc_8534p_firmware	*	<genoapi_1.0.0.8
amd	epyc_8534p	*	any
amd	epyc_9734_firmware	*	<genoapi_1.0.0.8
amd	epyc_9734	*	any
amd	epyc_9754s_firmware	*	<genoapi_1.0.0.8
amd	epyc_9754s	*	any
amd	epyc_9754_firmware	*	<genoapi_1.0.0.8
amd	epyc_9754	*	any
amd	epyc_9184x_firmware	*	<genoapi_1.0.0.8
amd	epyc_9184x	*	any
amd	epyc_9384x_firmware	*	<genoapi_1.0.0.8
amd	epyc_9384x	*	any
amd	epyc_9684x_firmware	*	<genoapi_1.0.0.8
amd	epyc_9684x	*	any
amd	epyc_9124_firmware	*	<genoapi_1.0.0.8
amd	epyc_9124	*	any
amd	epyc_9174f_firmware	*	<genoapi_1.0.0.8
amd	epyc_9174f	*	any
amd	epyc_9224_firmware	*	<genoapi_1.0.0.8
amd	epyc_9224	*	any
amd	epyc_9254_firmware	*	<genoapi_1.0.0.8
amd	epyc_9254	*	any
amd	epyc_9274f_firmware	*	<genoapi_1.0.0.8
amd	epyc_9274f	*	any
amd	epyc_9334_firmware	*	<genoapi_1.0.0.8
amd	epyc_9334	*	any
amd	epyc_9354_firmware	*	<genoapi_1.0.0.8
amd	epyc_9354	*	any
amd	epyc_9354p_firmware	*	<genoapi_1.0.0.8
amd	epyc_9354p	*	any
amd	epyc_9374f_firmware	*	<genoapi_1.0.0.8
amd	epyc_9374f	*	any
amd	epyc_9454_firmware	*	<genoapi_1.0.0.8
amd	epyc_9454	*	any
amd	epyc_9454p_firmware	*	<genoapi_1.0.0.8
amd	epyc_9454p	*	any
amd	epyc_9474f_firmware	*	<genoapi_1.0.0.8
amd	epyc_9474f	*	any
amd	epyc_9534_firmware	*	<genoapi_1.0.0.8
amd	epyc_9534	*	any
amd	epyc_9554_firmware	*	<genoapi_1.0.0.8
amd	epyc_9554	*	any
amd	epyc_9554p_firmware	*	<genoapi_1.0.0.8
amd	epyc_9554p	*	any
amd	epyc_9634_firmware	*	<genoapi_1.0.0.8
amd	epyc_9634	*	any
amd	epyc_9654_firmware	*	<genoapi_1.0.0.8
amd	epyc_9654	*	any
amd	epyc_9654p_firmware	*	<genoapi_1.0.0.8
amd	epyc_9654p	*	any
amd	epyc_7203_firmware	*	<milanpi_1.0.0.b
amd	epyc_7203	*	any
amd	epyc_7203p_firmware	*	<milanpi_1.0.0.b
amd	epyc_7203p	*	any
amd	epyc_72f3_firmware	*	<milanpi_1.0.0.b
amd	epyc_72f3	*	any
amd	epyc_7303_firmware	*	<milanpi_1.0.0.b
amd	epyc_7303	*	any
amd	epyc_7303p_firmware	*	<milanpi_1.0.0.b
amd	epyc_7303p	*	any
amd	epyc_7313_firmware	*	<milanpi_1.0.0.b
amd	epyc_7313	*	any
amd	epyc_7313p_firmware	*	<milanpi_1.0.0.b
amd	epyc_7313p	*	any
amd	epyc_7343_firmware	*	<milanpi_1.0.0.b
amd	epyc_7343	*	any
amd	epyc_73f3_firmware	*	<milanpi_1.0.0.b
amd	epyc_73f3	*	any
amd	epyc_7373x_firmware	*	<milanpi_1.0.0.b
amd	epyc_7373x	*	any
amd	epyc_7413_firmware	*	<milanpi_1.0.0.b
amd	epyc_7413	*	any
amd	epyc_7443_firmware	*	<milanpi_1.0.0.b
amd	epyc_7443	*	any
amd	epyc_7443p_firmware	*	<milanpi_1.0.0.b
amd	epyc_7443p	*	any
amd	epyc_74f3_firmware	*	<milanpi_1.0.0.b
amd	epyc_74f3	*	any
amd	epyc_7453_firmware	*	<milanpi_1.0.0.b
amd	epyc_7453	*	any
amd	epyc_7473x_firmware	*	<milanpi_1.0.0.b
amd	epyc_7473x	*	any
amd	epyc_7513_firmware	*	<milanpi_1.0.0.b
amd	epyc_7513	*	any
amd	epyc_7543_firmware	*	<milanpi_1.0.0.b
amd	epyc_7543	*	any
amd	epyc_7543p_firmware	*	<milanpi_1.0.0.b
amd	epyc_7543p	*	any
amd	epyc_75f3_firmware	*	<milanpi_1.0.0.b
amd	epyc_75f3	*	any
amd	epyc_7573x_firmware	*	<milanpi_1.0.0.b
amd	epyc_7573x	*	any
amd	epyc_7643_firmware	*	<milanpi_1.0.0.b
amd	epyc_7643	*	any
amd	epyc_7773x_firmware	*	<milanpi_1.0.0.b
amd	epyc_7773x	*	any
amd	epyc_7643p_firmware	*	<milanpi_1.0.0.b
amd	epyc_7643p	*	any
amd	epyc_7663_firmware	*	<milanpi_1.0.0.b
amd	epyc_7663	*	any
amd	epyc_7663p_firmware	*	<milanpi_1.0.0.b
amd	epyc_7663p	*	any
amd	epyc_7713_firmware	*	<milanpi_1.0.0.b
amd	epyc_7713	*	any
amd	epyc_7713p_firmware	*	<milanpi_1.0.0.b
amd	epyc_7713p	*	any
amd	epyc_7763_firmware	*	<milanpi_1.0.0.b
amd	epyc_7763	*	any

References 1

amd.com https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html

Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.