CVE-2023-20563

HIGH

AMD Ryzen 3 5100 Firmware - Improper Privilege Management

Title source: rule

Description

Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.

References (2)

Scores

CVSS v3 7.8
EPSS 0.0013
EPSS Percentile 32.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-269
Status published

Affected Products (50)

amd/ryzen_3_5100_firmware < comboam4v2_1.2.0.b
amd/ryzen_3_5300g_firmware < comboam4v2_1.2.0.b
amd/ryzen_3_5300ge_firmware < comboam4v2_1.2.0.b
amd/ryzen_5_5500_firmware < comboam4v2_1.2.0.b
amd/ryzen_5_5600g_firmware < comboam4v2_1.2.0.b
amd/ryzen_5_5600ge_firmware < comboam4v2_1.2.0.b
amd/ryzen_7_5700_firmware < comboam4v2_1.2.0.b
amd/ryzen_7_5700g_firmware < comboam4v2_1.2.0.b
amd/ryzen_7_5700ge_firmware < comboam4v2_1.2.0.b
amd/ryzen_5_7500f_firmware < comboam5_1.0.7.0
amd/ryzen_5_7600_firmware < comboam5_1.0.7.0
amd/ryzen_5_7600x_firmware < comboam5_1.0.7.0
amd/ryzen_7_7700_firmware < comboam5_1.0.7.0
amd/ryzen_7_7700x_firmware < comboam5_1.0.7.0
amd/ryzen_7_7800x3d_firmware < comboam5_1.0.7.0
... and 35 more

Timeline

Published Nov 14, 2023
Tracked Since Feb 18, 2026