Debug Exception Delivery in Secure Nested Paging
CVE-2023-20573
3.2LOW
Key Information
- Vendor
- AMD
- Status
- 3rd Gen AMD EPYC™ Processors
- 4th Gen AMD EPYC™ Processors
- Vendor
- CVE Published:
- 11 January 2024
Badges
👾 Exploit Exists🔴 Public PoC
Summary
A privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests potentially resulting in guests not receiving expected debug information.
Affected Version(s)
3rd Gen AMD EPYC™ Processors <= various
4th Gen AMD EPYC™ Processors <= Various
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
CVSS V3.1
Score:
3.2
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published.
- 👾
Exploit exists.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database1 Proof of Concept(s)