CVE-2023-20555
CVE-2023-20555
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Ciclo de vida
08 ago 2023Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Insufficient input validation in
CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting
an arbitrary bit in an attacker-controlled pointer potentially leading to
arbitrary code execution in SMM.
Productos afectados
AMD · Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics “Picasso”AMD · Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” FP5AMD · Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock”AMD · Ryzen™ 3000 Series Desktop Processors “Matisse” AM4AMD · Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics “Picasso”AMD · Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics “Renoir” FP5AMD · Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics “Renoir” FP6AMD · Ryzen™ 5000 Series Desktop Processors “Vermeer” AM4AMD · Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics “Cezanne” AM4AMD · Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne”AMD · Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”AMD · Ryzen™ 6000 Series Mobile Processors "Rembrandt"AMD · Ryzen™ 7000 Series Processors “Raphael”AMD · Ryzen™ 7020 Series Mobile Processors “Mendocino”AMD · Ryzen™ 7030 Series Mobile Processors “Barcelo”¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →