CVE-2023-20571

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Nov 14, 2023

Updated: Nov 28, 2023

CWE ID 362

Summary

CVE-2023-20571 is a newly identified vulnerability affecting System Management Mode (SMM) code. An attacker who has compromised user space can exploit this race condition in SMM, potentially triggering CVE-2018-8897. If successful, this could lead to privilege escalation, giving the attacker elevated system access. This vulnerability poses a significant risk and requires immediate attention from system administrators to apply available patches.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Advanced Micro Devices

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tZ7yU-
https://www.cve.org/CVERecord?id=CVE-2023-20571
https://nvd.nist.gov/vuln/detail/CVE-2023-20571

Back to Vulnerability Database

CVE-2023-20571

CVSS 3.1 Score 8.1 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations