CVE-2023-20572

Vulnerability Description

An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing the input of an arbitrary message, potentially leading to a loss of data integrity.

Related Weaknesses (CWE)

CWE-208

References

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4012.html

FAQ

What is CVE-2023-20572?

CVE-2023-20572 is a documented vulnerability. An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing the input of an arbitrary message, ...

How severe is CVE-2023-20572?

CVSS scoring is not yet available for CVE-2023-20572. Check NVD for updates.

Is there a patch for CVE-2023-20572?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.