CVE-2023-20594
CVE-2023-20594
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
20 Sep 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
Affected products
AMD · 3rd Gen AMD EPYC™ ProcessorsAMD · AMD Ryzen™ Embedded 7000AMD · AMD Ryzen™ Embedded V3000AMD · Ryzen™ 3000 Series Desktop Processors “Matisse”AMD · Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics “Renoir” AM4AMD · Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics “Renoir” FP6AMD · Ryzen™ 5000 Series Desktop Processors “Vermeer”AMD · Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics “Cezanne”AMD · Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics "Barcelo"AMD · Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne”AMD · Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”AMD · Ryzen™ 6000 Series Mobile Processors with Radeon™ Graphics "Rembrandt"AMD · Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics “Barcelo-R”AMD · Ryzen™ 7035 Series Mobile Processors with Radeon™ Graphics "Rembrandt-R"AMD · Ryzen™ Threadripper™ 3000 Series Processors “Castle Peak” HEDTAMD · Ryzen™ Threadripper™ PRO 3000WX Series Processors “Chagall” WS SP3AMD · Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS SP3Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →