Epyc 7763 Firmware
CVE-2023-20573
LOW
Severity by source
AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N
Lifecycle Timeline
2DescriptionCVE.org
A privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests potentially resulting in guests not receiving expected debug information.
AnalysisAI
A privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests potentially resulting in guests not receiving expected debug information. Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-693. A privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests potentially resulting in guests not receiving expected debug information. Affected products include: Amd Epyc 7763 Firmware, Amd Epyc 7713P Firmware, Amd Epyc 7713 Firmware, Amd Epyc 7663P Firmware, Amd Epyc 7663 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Epyc 7763 Firmware
View allImproper access control settings in ASP Bootloader may allow an attacker to corrupt the return address causing a stack-b
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. R
A malicious hypervisor in conjunction with an unprivileged attacker process inside an SEV/SEV-ES guest VM may fail to fl
Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a g
Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially le
Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to us
AMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox ent
Failure to validate SEV Commands while SNP is active may result in a potential impact to memory integrity. Rated high se
When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently decrypts an encrypted FW,
Failure to validate VM_HSAVE_PA during SNP_INIT may result in a loss of memory integrity. Rated high severity (CVSS 7.8)
Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integri
Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an inva
Same weakness CWE-693 – Protection Mechanism Failure
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today