Vulnerability Description
Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.
CVSS Score
5.3
MEDIUM
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amd | Epyc 7763 Firmware | < milanpi_1.0.0.b |
| Amd | Epyc 7763 | - |
| Amd | Epyc 7713P Firmware | < milanpi_1.0.0.b |
| Amd | Epyc 7713P | - |
| Amd | Epyc 7713 Firmware | < milanpi_1.0.0.b |
| Amd | Epyc 7713 | - |
| Amd | Epyc 7663P Firmware | < milanpi_1.0.0.b |
| Amd | Epyc 7663P | - |
| Amd | Epyc 7663 Firmware | < milanpi_1.0.0.b |
| Amd | Epyc 7663 | - |
| Amd | Epyc 7643P Firmware | < milanpi_1.0.0.b |
| Amd | Epyc 7643P | - |
| Amd | Epyc 7773X Firmware | < milanpi_1.0.0.b |
| Amd | Epyc 7773X | - |
| Amd | Epyc 7643 Firmware | < milanpi_1.0.0.b |
| Amd | Epyc 7643 | - |
| Amd | Epyc 7573X Firmware | < milanpi_1.0.0.b |
| Amd | Epyc 7573X | - |
| Amd | Epyc 75F3 Firmware | < milanpi_1.0.0.b |
| Amd | Epyc 75F3 | - |
References
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002Vendor Advisory
- https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002Vendor Advisory
FAQ
What is CVE-2023-20566?
CVE-2023-20566 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.
How severe is CVE-2023-20566?
CVE-2023-20566 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-20566?
Check the references section above for vendor advisories and patch information. Affected products include: Amd Epyc 7763 Firmware, Amd Epyc 7763, Amd Epyc 7713P Firmware, Amd Epyc 7713P, Amd Epyc 7713 Firmware.