CVE-2023-20566
7.5HIGH
Key Information
- Vendor
- Amd
- Status
- 3rd Gen Amd Epyc™ Processors
- 4th Gen Amd Epyc™ Processors
- Amd Epyc™ Embedded 7003
- Amd Epyc™ Embedded 9003
- Vendor
- CVE Published:
- 14 November 2023
Summary
Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.
Affected Version(s)
3rd Gen AMD EPYC™ Processors = various
4th Gen AMD EPYC™ Processors = various
AMD EPYC™ Embedded 7003 = various
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Risk change from: 7.5 to: 5.3 - (MEDIUM)
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database