Microarchitectural Vulnerability in AMD Zen 2 CPUs
CVE-2023-20593

5.5MEDIUM

Key Information:

Vendor: Amd
Status: Ryzen™ 3000 Series Desktop Processors “matisse” Am4; Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics “renoir” Am4; 3rd Gen Amd Ryzen™ Threadripper™ Processors “castle Peak” Hedt; Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws Sp3
Vendor: CVE Published:; 24 July 2023

Badges

👾 Exploit Exists🟡 Public PoC📰 News Worthy

Summary

An issue has been identified within AMD's Zen 2 microarchitecture that could enable an attacker to exploit specific conditions, potentially leading to unauthorized access to sensitive data. This vulnerability underscores the importance of verifying the security of CPU architectures, particularly in environments handling sensitive information. Mitigation measures should be prioritized to ensure system integrity and data protection.

Affected Version(s)

2nd Gen AMD EPYC™ Processors x86 various

3rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDT x86 various

AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics “Renoir” AM4 x86 various

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

stop-zenbleed-win
Created by sbaresearch