CVE-2023-20530

{"id": "CVE-2023-20530", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2023-01-11T08:15:13.950", "references": [{"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032", "tags": ["Vendor Advisory"], "source": "psirt@amd.com"}, {"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a denial of service.\n"}, {"lang": "es", "value": "Una validaci\u00f3n de entrada insuficiente de los mensajes del buz\u00f3n del BIOS en SMU puede provocar lecturas de memoria fuera de los l\u00edmites, lo que podr\u00eda provocar una denegaci\u00f3n de servicio."}], "lastModified": "2024-11-21T07:41:05.747", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7003_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15A7FC33-9F8F-4862-8CF9-FC39D3493EAA", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7003:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C912AA31-FB2D-4BD9-B1BD-3C8D7EEE771C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_72f3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "934DEED4-7118-435E-AF96-C34EC71D3AE5", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_72f3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7F98FF1A-3A2B-4CED-AEA2-9C4F2AC2D8C1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7313_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9710AF52-5E45-44CE-88EB-821F538A1692", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7313:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B02B61B7-7DD3-4164-8D32-EB961E981BC9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7313p_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55BF1B99-92BB-4BD7-84DC-BCBF4BFAF234", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7313p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9000686A-DC2B-4561-9C32-E90890EB2EBA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7343_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2807BF4F-10B8-470A-8646-A8224E04DCCD", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7343:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "71B9C24B-2C10-4826-A91B-E1C60665FBBE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7373x_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48DB2F6F-AF8C-4B1D-A0C1-D6DBCD34D528", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7373x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "180B3002-B3C5-48B5-8322-5B64B237C5B9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_73f3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F793F124-BC16-48C7-9FB6-4932EE153E31", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_73f3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "678C5F58-8AE9-46FF-8F01-4CF394C87A2C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7413_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D54F40EC-C433-4FB6-A07A-8C81FD3E04A7", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7413:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D1766FF1-77A9-4293-B826-F6A8FBD7AFBF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7443_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BEC5185-2AA7-4EF2-925E-B3A1E9229CE7", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7443:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4C474537-3006-41BA-8C3D-5C370E3ACECD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7443p_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4DAD7E6-9D81-4DA7-831A-29ACFC3663F9", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7443p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8E2B13CA-72F4-4CF6-9E12-62E6E9056A14"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7453_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44F9FCF1-CA75-4688-BD62-487029054E35", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7453:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "241E39FF-FE66-444C-A4C2-3D28C45341BE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_74f3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C092D5C7-369F-4EED-90FA-10091BB49861", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_74f3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "02D08121-DC57-47D7-8214-23A209F0AF08"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7513_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEE0F93E-E95E-4EBC-9B40-2DF1ABBCBFB4", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7513:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F8264DF4-47B4-4716-AE89-44AFA870D385"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7543_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3375DF8B-D0D7-4888-8D24-0A1834E4FD2C", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7543:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "52544912-FAA3-4025-A5FD-151B21CEC53B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7543p_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "157CD272-1F01-4514-81A2-8B4E7E177C5C", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7543p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "77A0A47B-74A1-4731-92A8-BC10FFE58ECF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7573x_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45168C28-F506-4D42-92D1-FF1AE03044D9", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7573x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "237FB33B-BF08-4E3E-8E83-EB0AD2F12A4B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_75f3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "258BFA6D-AFF2-4199-A59A-85643DB6A561", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_75f3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EBF0AFED-588A-4EFB-8C90-9280BC3A6720"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7643_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38DAF4CB-74A0-4404-83F2-00D78E7B5EAB", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7643:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "98E1D79D-0CB0-4FD9-8A82-27CDFBFE07B2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7663_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00C17F69-0E8C-4272-8412-CE33F594E740", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7663:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A7DFCB62-6CDF-4AD2-9265-1887E5780CA5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7713_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82C4F4E6-2BB3-4CD0-89B3-E234E1DE2222", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7713:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4D698D3E-BB05-4C65-90F4-8DAE275CD6A4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7713p_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A775676-D398-43F5-AD5D-C4FD8ECD2AC4", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7713p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2299ED50-B4D2-4BB3-AD87-56D552B84AE1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7743_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81334861-6BFD-4DF2-9EDD-45F14044FB6A", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7743:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8C206A50-1225-4CC8-BC38-A7FEF4E2BA54"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7763_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FB69E43-DCB4-432C-9ED3-D7364F75AA58", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7763:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4F900BDD-F094-41A6-9A23-31F53DBA95D4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:amd:epyc_7773x_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D11A474-6C0F-4B95-85F6-138C98D1F32B", "versionEndExcluding": "milanpi_1.0.0.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:amd:epyc_7773x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D02B1C69-BAA4-485B-BE22-46BE321F9E4E"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@amd.com"}