Main Vulnerability Database Vulnerabilities #VU78861

#VU78861 Improper restriction of software interfaces to hardware features in AMD CPU Firmware - CVE-2023-20583

Published: August 2, 2023

Vulnerability identifier: #VU78861

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-20583

CWE-ID: CWE-1256

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
AMD CPU Firmware

Software vendor:
AMD

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to the way data in a cache line changes over time. A local user can monitor the CPU power consumption and potentially gain access to sensitive information using software-based power side channels.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7006

#VU78861 Improper restriction of software interfaces to hardware features in AMD CPU Firmware - CVE-2023-20583

Description

Remediation

External links

Please verify you're human