PT-2023-1373 · Amd · Amd System Management Unit
Published
2023-01-10
·
Updated
2023-01-20
·
CVE-2023-20528
CVSS v2.0
3.3
Low
| Vector | AV:A/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
AMD System Management Unit (SMU) (affected versions not specified)
Description
The issue is related to insufficient input validation in the SMU, which may allow a physical attacker to exfiltrate SMU memory contents over the I2C bus, potentially leading to a loss of confidentiality. The vulnerability exists due to inadequate input validation in the System Management Unit (SMU) component of AMD processors, and its exploitation may allow a remote attacker to disclose protected information.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Amd System Management Unit