CVE-2023-20563
Severity CVSS v4.0:
Pending analysis
Type:
CWE-269
Improper Privilege Management
Publication date:
14/11/2023
Last modified:
22/10/2024
Description
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:h:amd:ryzen_3_5100:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:amd:ryzen_3_5100_firmware:*:*:*:*:*:*:*:* | comboam4v2_1.2.0.b (excluding) | |
| cpe:2.3:h:amd:ryzen_3_5300g:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:amd:ryzen_3_5300g_firmware:*:*:*:*:*:*:*:* | comboam4v2_1.2.0.b (excluding) | |
| cpe:2.3:h:amd:ryzen_3_5300ge:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:amd:ryzen_3_5300ge_firmware:*:*:*:*:*:*:*:* | comboam4v2_1.2.0.b (excluding) | |
| cpe:2.3:h:amd:ryzen_5_5500:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:amd:ryzen_5_5500_firmware:*:*:*:*:*:*:*:* | comboam4v2_1.2.0.b (excluding) | |
| cpe:2.3:h:amd:ryzen_5_5600g:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:amd:ryzen_5_5600g_firmware:*:*:*:*:*:*:*:* | comboam4v2_1.2.0.b (excluding) | |
| cpe:2.3:h:amd:ryzen_5_5600ge:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:amd:ryzen_5_5600ge_firmware:*:*:*:*:*:*:*:* | comboam4v2_1.2.0.b (excluding) | |
| cpe:2.3:h:amd:ryzen_7_5700:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:amd:ryzen_7_5700_firmware:*:*:*:*:*:*:*:* | comboam4v2_1.2.0.b (excluding) | |
| cpe:2.3:h:amd:ryzen_7_5700g:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page