CVE-2023-20599
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-20599
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto Co-Processor (CCP) registers from x86 resulting in potential loss of control of cryptographic key pointer/index leading to loss of integrity or confidentiality.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
CWE-1262
Source: NVD (National Vulnerability Database)
Vulnerability Title
AMD EPYC 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
AMD EPYC是美国超威半导体(AMD)公司的一款x86架构服务器微处理器产品线,中文名为“霄龙”,采用Zen微架构。 AMD EPYC存在安全漏洞,该漏洞源于寄存器访问控制不当,可能导致特权攻击者未经授权访问CCP寄存器,从而破坏加密密钥指针或索引的完整性或机密性。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| AMD | AMD EPYC™ 7002 Series Processors | RomePI 100H SEV 0.24.19 [hex 00.18.13] | - | |
| AMD | AMD Ryzen™ Threadripper™ 3000 Processors | CastlePeakPI-SP3r3_1.0.0.F | - | |
| AMD | AMD Ryzen™ Threadripper™ PRO 3000 WX Processors | ChagallWSPI-sWRX8 1.0.0.C | - | |
| AMD | AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics | PicassoPI-FP5_1.0.1.2c | - | |
| AMD | AMD EPYC™ Embedded 7002 Series Processors | EmbRomePI-SP3 1.0.0.B | - | |
| AMD | AMD EPYC™ Embedded 7003 Series Processors | EmbMilanPI-SP3 1.0.0.8 | - | |
| AMD | AMD Ryzen™ Embedded R1000 Series Processors | EmbeddedPI-FP5 1211 | - | |
| AMD | AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics | EmbeddedPI-FP5 1211 | - | |
| AMD | AMD Ryzen™ Embedded R2000 Series Processors | EmbeddedR2KPI-FP5 1006 | - | |
| AMD | AMD Ryzen™ Embedded V1000 Series Processors | EmbeddedPI-FP5 1211 RC1 | - |
II. Public POCs for CVE-2023-20599
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2023-20599
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same weakness: CWE-1262
- CVE-2025-47385
Improper Access Control for Register Interface in SCE-Mink - CVE-2025-36194
This Power System update is being released to address - CVE-2025-20788
MediaTek Chipsets 安全漏洞 - CVE-2024-45556
Improper Access Control for Register Interface in TZ Firmwar - CVE-2025-1882
i-Drive i11/i12 Device Setting improper access control for r
V. Comments for CVE-2023-20599
No comments yet