Power Side-Channel Vulnerability in AMD Processors
CVE-2023-20575

6.5MEDIUM

Key Information:

Vendor

Amd
Status
1st Gen Amd Epyc™ Processors
2nd Gen Amd Epyc™ Processors
3rd Gen Amd Epyc™ Processors
4th Gen Amd Epyc™ Processors
Vendor
CVE Published:
11 July 2023

What is CVE-2023-20575?

A power side-channel vulnerability exists in certain AMD processors that allows an authenticated attacker to leverage power reporting features. By monitoring the power consumption of a program's execution within an AMD Secure Encrypted Virtualization (SEV) virtual machine, the attacker could potentially extract sensitive information. This vulnerability highlights the risks associated with power monitoring capabilities in virtualized environments.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

1st Gen AMD EPYC™ Processors x86 various

2nd Gen AMD EPYC™ Processors x86 various

3rd Gen AMD EPYC™ Processors x86 various

References

https://www.amd.com/en/corporate/product-security/bulleti...
vendor-advisory

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.