CVE-2023-20573

LOW

AMD EPYC Firmware - Debug Exception Delivery Failure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-20573. PoCs published by Freax13.

AI-analyzed exploit summary This repository contains a Proof of Concept (PoC) for CVE-2023-20573, demonstrating the suppression of #DB exceptions in an SEV-SNP guest environment. The PoC includes a custom VMM and kernel to showcase the vulnerability by logging instruction pointers and host kernel events.

Description

A privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests potentially resulting in guests not receiving expected debug information.

Exploits (1)

nomisec WORKING POC 6 stars
by Freax13 · poc
https://github.com/Freax13/cve-2023-20573-poc

This repository contains a Proof of Concept (PoC) for CVE-2023-20573, demonstrating the suppression of #DB exceptions in an SEV-SNP guest environment. The PoC includes a custom VMM and kernel to showcase the vulnerability by logging instruction pointers and host kernel events.

Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Complex
Reliability
Reliable
Target: AMD SEV-SNP (Secure Nested Paging)
No auth needed
Prerequisites: Custom Linux kernel on the host · SEV-SNP enabled environment
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

CVSS v3 3.2
EPSS 0.0029
EPSS Percentile 20.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-693
Status published
Products (50)
amd/epyc_7203_firmware
amd/epyc_7203p_firmware
amd/epyc_72f3_firmware
amd/epyc_7303_firmware
amd/epyc_7303p_firmware
amd/epyc_7313_firmware
amd/epyc_7313p_firmware
amd/epyc_7343_firmware
amd/epyc_7373x_firmware
amd/epyc_73f3_firmware
... and 40 more
Published Jan 11, 2024
Tracked Since Feb 18, 2026