Vulnerabilities > CVE-2023-20555 - Out-of-bounds Write vulnerability in AMD products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

amd

CWE-787

NVD

Published: 2023-08-08

Updated: 2023-08-21

Summary

Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM.

Vulnerable Configurations

Part	Description	Count
OS	Amd AMD Ryzen 3 3300 Firmware - AMD Ryzen 3 3300 Firmware Comboam4_Pi_V1_1.0.0.A AMD Ryzen 3 3300X Firmware - AMD Ryzen 3 3300X Firmware Comboam4_Pi_V1_1.0.0.A AMD Ryzen 3 3300X Firmware Comboam4_V2_Pi_1.2.0.6C AMD Ryzen 5 3600 Firmware - AMD Ryzen 5 3600 Firmware Comboam4_Pi_V1_1.0.0.A AMD Ryzen 5 3600 Firmware Comboam4_V2_Pi_1.2.0.6C AMD Ryzen 5 3600X Firmware - AMD Ryzen 5 3600X Firmware Comboam4_Pi_V1_1.0.0.A AMD Ryzen 5 3600X Firmware Comboam4_V2_Pi_1.2.0.6C AMD Ryzen 7 3700 Firmware - AMD Ryzen 7 3700 Firmware Comboam4_Pi_V1_1.0.0.A AMD Ryzen 7 3700X Firmware - AMD Ryzen 7 3700X Firmware Comboam4_Pi_V1_1.0.0.A AMD Ryzen 7 3700X Firmware Comboam4_V2_Pi_1.2.0.6C AMD Ryzen 9 3800X Firmware - AMD Ryzen 9 3800X Firmware Comboam4_Pi_V1_1.0.0.A AMD Ryzen 9 3850X Firmware - AMD Ryzen 9 3850X Firmware Comboam4_Pi_V1_1.0.0.A AMD Ryzen 9 5950X Firmware - AMD Ryzen 9 5900X Firmware - AMD Ryzen 9 5900 Firmware - AMD Ryzen 9 PRO 5945 Firmware - AMD Ryzen 7 5800X3D Firmware - AMD Ryzen 7 5800X Firmware - AMD Ryzen 7 5800 Firmware - AMD Ryzen 7 5700X Firmware - AMD Ryzen 7 PRO 5845 Firmware - AMD Ryzen 5 5600X3D Firmware - AMD Ryzen 5 5600X Firmware - AMD Ryzen 5 5600 Firmware - AMD Ryzen 5 PRO 5645 Firmware - AMD Ryzen 7 5700 Firmware - AMD Ryzen 5 5500 Firmware - AMD Ryzen 3 5100 Firmware - AMD Ryzen 7 5700G Firmware - AMD Ryzen 7 5700G Firmware Comboam4_V2_Pi_1.2.0.6C AMD Ryzen 7 5700Ge Firmware - AMD Ryzen 7 5700Ge Firmware Comboam4_V2_Pi_1.2.0.6C AMD Ryzen 5 5600G Firmware - AMD Ryzen 5 5600G Firmware Comboam4_V2_Pi_1.2.0.6C AMD Ryzen 5 5600Ge Firmware - AMD Ryzen 5 5600Ge Firmware Comboam4_V2_Pi_1.2.0.6C AMD Ryzen 3 5300G Firmware - AMD Ryzen 3 5300G Firmware Comboam4_V2_Pi_1.2.0.6C AMD Ryzen 3 5300Ge Firmware - AMD Ryzen 3 5300Ge Firmware Comboam4_V2_Pi_1.2.0.6C AMD Ryzen 9 7950X3D Firmware - AMD Ryzen 9 7950X Firmware - AMD Ryzen 9 7900X3D Firmware - AMD Ryzen 9 7900X Firmware - AMD Ryzen 9 7900 Firmware - AMD Ryzen 9 PRO 7945 Firmware - AMD Ryzen 7 7800X3D Firmware - AMD Ryzen 7 7700X Firmware - AMD Ryzen 7 7700 Firmware - AMD Ryzen 7 PRO 7745 Firmware - AMD Ryzen 5 7600X Firmware - AMD Ryzen 5 7600 Firmware - AMD Ryzen 5 PRO 7645 Firmware - AMD Ryzen 5 7500F Firmware - AMD Ryzen 4700S Firmware - AMD Ryzen 5 4500 Firmware - AMD Ryzen 3 4100 Firmware - AMD Athlon PRO 300Ge Firmware - AMD Athlon PRO 300Ge Firmware Comboam4Piv1_1.0.0.A AMD Athlon Gold 3150Ge Firmware - AMD Athlon Gold 3150Ge Firmware Comboam4Piv1_1.0.0.A AMD Athlon Gold PRO 3150Ge Firmware - AMD Athlon Gold PRO 3150Ge Firmware Comboam4Piv1_1.0.0.A AMD Athlon Gold 3150G Firmware - AMD Athlon Gold 3150G Firmware Comboam4Piv1_1.0.0.A AMD Athlon Gold PRO 3150G Firmware - AMD Athlon Gold PRO 3150G Firmware Comboam4Piv1_1.0.0.A AMD Athlon Silver 3050E Firmware - AMD Athlon PRO 3045B Firmware - AMD Athlon Silver 3050U Firmware - AMD Athlon Silver 3050C Firmware - AMD Athlon PRO 3145B Firmware - AMD Athlon Gold 3150U Firmware - AMD Athlon Gold 3150C Firmware - AMD Athlon 3015E Firmware - AMD Athlon 3015Ce Firmware - AMD Ryzen 7 3780U Firmware - AMD Ryzen 7 3750H Firmware - AMD Ryzen 7 3700C Firmware - AMD Ryzen 7 3700U Firmware - AMD Ryzen 5 3580U Firmware - AMD Ryzen 5 3550H Firmware - AMD Ryzen 5 3500C Firmware - AMD Ryzen 5 3500U Firmware - AMD Ryzen 5 3450U Firmware - AMD Ryzen 3 3350U Firmware - AMD Ryzen 3 3300U Firmware - AMD Ryzen 9 4900H Firmware - AMD Ryzen 9 4900Hs Firmware - AMD Ryzen 7 4800H Firmware - AMD Ryzen 7 4800Hs Firmware - AMD Ryzen 7 4980U Firmware - AMD Ryzen 7 4800U Firmware - AMD Ryzen 7 4700U Firmware - AMD Ryzen 5 4600H Firmware - AMD Ryzen 5 4600Hs Firmware - AMD Ryzen 5 4680U Firmware - AMD Ryzen 5 4600U Firmware - AMD Ryzen 5 4500U Firmware - AMD Ryzen 3 4300U Firmware - AMD Ryzen 7 5700U Firmware - AMD Ryzen 5 5500U Firmware - AMD Ryzen 3 5300U Firmware - AMD Ryzen 9 5980Hx Firmware - AMD Ryzen 9 5980Hx Firmware Cezannepi-Fp6_1.0.0.9 AMD Ryzen 9 5980Hs Firmware - AMD Ryzen 9 5980Hs Firmware Cezannepi-Fp6_1.0.0.9 AMD Ryzen 9 5900Hx Firmware - AMD Ryzen 9 5900Hx Firmware Cezannepi-Fp6_1.0.0.9 AMD Ryzen 9 5900Hs Firmware - AMD Ryzen 9 5900Hs Firmware Cezannepi-Fp6_1.0.0.9 AMD Ryzen 7 5800H Firmware - AMD Ryzen 7 5800H Firmware Cezannepi-Fp6_1.0.0.9 AMD Ryzen 7 5800Hs Firmware - AMD Ryzen 7 5800Hs Firmware Cezannepi-Fp6_1.0.0.9 AMD Ryzen 7 5825U Firmware - AMD Ryzen 7 5825U Firmware Cezannepi-Fp6_1.0.0.9 AMD Ryzen 7 5800U Firmware - AMD Ryzen 7 5800U Firmware Cezannepi-Fp6_1.0.0.9 AMD Ryzen 5 5600H Firmware - AMD Ryzen 5 5600H Firmware Cezannepi-Fp6_1.0.0.9 AMD Ryzen 5 5600Hs Firmware - AMD Ryzen 5 5600Hs Firmware Cezannepi-Fp6_1.0.0.9 AMD Ryzen 5 5625U Firmware - AMD Ryzen 5 5625U Firmware Cezannepi-Fp6_1.0.0.9 AMD Ryzen 5 5600U Firmware - AMD Ryzen 5 5600U Firmware Cezannepi-Fp6_1.0.0.9 AMD Ryzen 5 5560U Firmware - AMD Ryzen 5 5560U Firmware Cezannepi-Fp6_1.0.0.9 AMD Ryzen 3 5425U Firmware - AMD Ryzen 3 5425U Firmware Cezannepi-Fp6_1.0.0.9 AMD Ryzen 3 5400U Firmware - AMD Ryzen 3 5400U Firmware Cezannepi-Fp6_1.0.0.9 AMD Ryzen 3 5125C Firmware - AMD Ryzen 3 5125C Firmware Cezannepi-Fp6_1.0.0.9 AMD Ryzen 9 6980Hx Firmware - AMD Ryzen 9 6980Hs Firmware - AMD Ryzen 9 6900Hx Firmware - AMD Ryzen 9 6900Hs Firmware - AMD Ryzen 7 6800H Firmware - AMD Ryzen 7 6800Hs Firmware - AMD Ryzen 7 6800U Firmware - AMD Ryzen 5 6600H Firmware - AMD Ryzen 5 6600Hs Firmware - AMD Ryzen 5 6600U Firmware - AMD Ryzen 5 7520U Firmware - AMD Ryzen 3 7320U Firmware - AMD Ryzen 7 PRO 7730U Firmware - AMD Ryzen 5 PRO 7530U Firmware - AMD Ryzen 3 PRO 7330U Firmware -	158
Hardware	Amd AMD Ryzen 3 3300 - AMD Ryzen 3 3300X - AMD Ryzen 5 3600 - AMD Ryzen 5 3600X - AMD Ryzen 7 3700 - AMD Ryzen 7 3700X - AMD Ryzen 9 3800X - AMD Ryzen 9 3850X - AMD Ryzen 9 5950X - AMD Ryzen 9 5900X - AMD Ryzen 9 5900 - AMD Ryzen 9 PRO 5945 - AMD Ryzen 7 5800X3D - AMD Ryzen 7 5800X - AMD Ryzen 7 5800 - AMD Ryzen 7 5700X - AMD Ryzen 7 PRO 5845 - AMD Ryzen 5 5600X3D - AMD Ryzen 5 5600X - AMD Ryzen 5 5600 - AMD Ryzen 5 PRO 5645 - AMD Ryzen 7 5700 - AMD Ryzen 5 5500 - AMD Ryzen 3 5100 - AMD Ryzen 7 5700G - AMD Ryzen 7 5700Ge - AMD Ryzen 5 5600G - AMD Ryzen 5 5600Ge - AMD Ryzen 3 5300G - AMD Ryzen 3 5300Ge - AMD Ryzen 9 7950X3D - AMD Ryzen 9 7950X - AMD Ryzen 9 7900X3D - AMD Ryzen 9 7900X - AMD Ryzen 9 7900 - AMD Ryzen 9 PRO 7945 - AMD Ryzen 7 7800X3D - AMD Ryzen 7 7700X - AMD Ryzen 7 7700 - AMD Ryzen 7 PRO 7745 - AMD Ryzen 5 7600X - AMD Ryzen 5 7600 - AMD Ryzen 5 PRO 7645 - AMD Ryzen 5 7500F - AMD Ryzen 4700S - AMD Ryzen 5 4500 - AMD Ryzen 3 4100 - AMD Athlon PRO 300Ge - AMD Athlon Gold 3150Ge - AMD Athlon Gold PRO 3150Ge - AMD Athlon Gold 3150G - AMD Athlon Gold PRO 3150G - AMD Athlon Silver 3050E - AMD Athlon PRO 3045B - AMD Athlon Silver 3050U - AMD Athlon Silver 3050C - AMD Athlon PRO 3145B - AMD Athlon Gold 3150U - AMD Athlon Gold 3150C - AMD Athlon 3015E - AMD Athlon 3015Ce - AMD Ryzen 7 3780U - AMD Ryzen 7 3750H - AMD Ryzen 7 3700C - AMD Ryzen 7 3700U - AMD Ryzen 5 3580U - AMD Ryzen 5 3550H - AMD Ryzen 5 3500C - AMD Ryzen 5 3500U - AMD Ryzen 5 3450U - AMD Ryzen 3 3350U - AMD Ryzen 3 3300U - AMD Ryzen 9 4900H - AMD Ryzen 9 4900Hs - AMD Ryzen 7 4800H - AMD Ryzen 7 4800Hs - AMD Ryzen 7 4980U - AMD Ryzen 7 4800U - AMD Ryzen 7 4700U - AMD Ryzen 5 4600H - AMD Ryzen 5 4600Hs - AMD Ryzen 5 4680U - AMD Ryzen 5 4600U - AMD Ryzen 5 4500U - AMD Ryzen 3 4300U - AMD Ryzen 7 5700U - AMD Ryzen 5 5500U - AMD Ryzen 3 5300U - AMD Ryzen 9 5980Hx - AMD Ryzen 9 5980Hs - AMD Ryzen 9 5900Hx - AMD Ryzen 9 5900Hs - AMD Ryzen 7 5800H - AMD Ryzen 7 5800Hs - AMD Ryzen 7 5825U - AMD Ryzen 7 5800U - AMD Ryzen 5 5600H - AMD Ryzen 5 5600Hs - AMD Ryzen 5 5625U - AMD Ryzen 5 5600U - AMD Ryzen 5 5560U - AMD Ryzen 3 5425U - AMD Ryzen 3 5400U - AMD Ryzen 3 5125C - AMD Ryzen 9 6980Hx - AMD Ryzen 9 6980Hs - AMD Ryzen 9 6900Hx - AMD Ryzen 9 6900Hs - AMD Ryzen 7 6800H - AMD Ryzen 7 6800Hs - AMD Ryzen 7 6800U - AMD Ryzen 5 6600H - AMD Ryzen 5 6600Hs - AMD Ryzen 5 6600U - AMD Ryzen 5 7520U - AMD Ryzen 3 7320U - AMD Ryzen 7 PRO 7730U - AMD Ryzen 5 PRO 7530U - AMD Ryzen 3 PRO 7330U -	119

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4003