Epyc 7003 Firmware
CVE-2023-20530
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a denial of service.
AnalysisAI
Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-20. Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a denial of service. Affected products include: Amd Epyc 7003 Firmware, Amd Epyc 72F3 Firmware, Amd Epyc 7313 Firmware, Amd Epyc 7313P Firmware, Amd Epyc 7343 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Epyc 7003 Firmware
View allImproper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to us
AMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox ent
When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently decrypts an encrypted FW,
Insufficient bound checks in the SMU may allow an attacker to update the SRAM from/to address space to an invalid value
Insufficient bound checks in the SMU may allow an attacker to update the from/to address space to an invalid value poten
Improper syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory out-of-bounds, po
Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the b
TOCTOU in the ASP may allow a physical attacker to write beyond the buffer bounds, potentially leading to a loss of inte
IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential in
Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA read from invalid DRAM address
Insufficient bounds checking in System Management Unit (SMU) may cause invalid memory accesses/updates that could result
AMD System Management Unit (SMU) may experience a heap-based overflow which may result in a loss of resources. Rated med
Same weakness CWE-20 – Improper Input Validation
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today