← back
CVE-2023-20591

CVE-2023-20591

CVSS 6.5 MEDIUMEPSS 0.3%CWE-665
Improper re-initialization of IOMMU during the DRTM event may permit an untrusted platform configuration to persist, allowing an attacker to read or modify hypervisor memory, potentially resulting in loss of confidentiality, integrity, and availability.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
Affected products
AMD · AMD EPYC™ 7003 Series ProcessorsAMD · AMD EPYC™ 9004 Series ProcessorsAMD · AMD EPYC™ Embedded 7003 Series ProcessorsAMD · AMD EPYC™ Embedded 9003 Series Processors

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html