CVE-2023-20570

Insufficient verification of data authenticity in
the configuration state machine may allow a local attacker to potentially load
arbitrary bitstreams.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
AMDCNA
---
---
CISA-ADPADP
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 7%
VendorProductVersion
amdalveo_u50_firmware
-
amdalveo_u200_firmware
-
amdalveo_u250_firmware
-
amdalveo_u280_firmware
-
amdkintex_ultrascale\+_ku3p_firmware
-
amdkintex_ultrascale\+_ku5p_firmware
-
amdkintex_ultrascale\+_ku9p_firmware
-
amdkintex_ultrascale\+_ku11p_firmware
-
amdkintex_ultrascale\+_ku13p_firmware
-
amdkintex_ultrascale\+_ku15p_firmware
-
amdkintex_ultrascale\+_ku19p_firmware
-
amdkintex_ultrascale_ku025_firmware
-
amdkintex_ultrascale_ku035_firmware
-
amdkintex_ultrascale_ku040_firmware
-
amdkintex_ultrascale_ku060_firmware
-
amdkintex_ultrascale_ku085_firmware
-
amdkintex_ultrascale_ku095_firmware
-
amdkintex_ultrascale_ku115_firmware
-
amdvirtex_ultrascale_xcvu065_firmware
-
amdvirtex_ultrascale_xcvu080_firmware
-
amdvirtex_ultrascale_xcvu095_firmware
-
amdvirtex_ultrascale_xcvu125_firmware
-
amdvirtex_ultrascale_xcvu160_firmware
-
amdvirtex_ultrascale_xcvu190_firmware
-
amdvirtex_ultrascale_xcvu440_firmware
-
amdvirtex_ultrascale\+_vu3p_firmware
-
amdvirtex_ultrascale\+_vu5p_firmware
-
amdvirtex_ultrascale\+_vu7p_firmware
-
amdvirtex_ultrascale\+_vu9p_firmware
-
amdvirtex_ultrascale\+_vu11p_firmware
-
amdvirtex_ultrascale\+_vu13p_firmware
-
amdvirtex_ultrascale\+_vu19p_firmware
-
amdvirtex_ultrascale\+_vu23p_firmware
-
amdvirtex_ultrascale\+_vu27p_firmware
-
amdvirtex_ultrascale\+_vu29p_firmware
-
amdvirtex_ultrascale\+_vu31p_firmware
-
amdvirtex_ultrascale\+_vu33p_firmware
-
amdvirtex_ultrascale\+_vu35p_firmware
-
amdvirtex_ultrascale\+_vu37p_firmware
-
amdvirtex_ultrascale\+_vu45p_firmware
-
amdvirtex_ultrascale\+_vu47p_firmware
-
amdvirtex_ultrascale\+_vu57p_firmware
-
amdartix_ultrascale\+_au7p_firmware
-
amdartix_ultrascale\+_au10p_firmware
-
amdartix_ultrascale\+_au15p_firmware
-
amdartix_ultrascale\+_au20p_firmware
-
amdartix_ultrascale\+_au25p_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8002.html
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8002.html