Unrated severityNVD Advisory· Published Mar 23, 2023· Updated Feb 20, 2025
CVE-2023-20558
CVE-2023-20558
Description
Insufficient control flow management in AmdCpmOemSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to an escalation of privileges.
Affected products
8- AMD/2nd Gen AMD Ryzen™ Threadripper™ Processorv5Range: Various
- AMD/3rd Gen AMD Ryzen™ Threadripper™ Processorsv5Range: various
- AMD/Ryzen™ 2000 Seriesv5Range: various
- AMD/Ryzen™ 3000 Seriesv5Range: various
- AMD/Ryzen™ 4000 Seriesv5Range: various
- AMD/Ryzen™ 5000 Seriesv5Range: various
- AMD/Ryzen™ Threadripper™ PRO Processorv5Range: various
Patches
Vulnerability mechanics
References
1- www.amd.com/en/resources/product-security/bulletin/amd-sb-1027.htmlmitrevendor-advisory
News mentions
0No linked articles in our index yet.