CVE-2022-23823 — MEDIUM (6.5)

Vulnerability Description

A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Amd	Athlon X4 750 Firmware	-
Amd	Athlon X4 750	-
Amd	Athlon X4 760K Firmware	-
Amd	Athlon X4 760K	-
Amd	Athlon X4 830 Firmware	-
Amd	Athlon X4 830	-
Amd	Athlon X4 835 Firmware	-
Amd	Athlon X4 835	-
Amd	Athlon X4 840 Firmware	-
Amd	Athlon X4 840	-
Amd	Athlon X4 845 Firmware	-
Amd	Athlon X4 845	-
Amd	Athlon X4 860K Firmware	-
Amd	Athlon X4 860K	-
Amd	Athlon X4 870K Firmware	-
Amd	Athlon X4 870K	-
Amd	Athlon X4 880K Firmware	-
Amd	Athlon X4 880K	-
Amd	Athlon X4 940 Firmware	-
Amd	Athlon X4 940	-

Related Weaknesses (CWE)

CWE-203

References

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1038Vendor Advisory
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1038Vendor Advisory

FAQ

What is CVE-2022-23823?

CVE-2022-23823 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure.

How severe is CVE-2022-23823?

CVE-2022-23823 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-23823?

Check the references section above for vendor advisories and patch information. Affected products include: Amd Athlon X4 750 Firmware, Amd Athlon X4 750, Amd Athlon X4 760K Firmware, Amd Athlon X4 760K, Amd Athlon X4 830 Firmware.