CVE-2023-20599

Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto Co-Processor (CCP) registers from x86, resulting in potential loss of control of cryptographic key pointer/index, leading to loss of integrity or confidentiality.

CVSS v3 7.9 HIGH

7.9^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.5 / Impact : 5.8

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7039.html

Configurations

No configuration.

History

12 Jun 2025, 16:06

Type	Values Removed	Values Added
Summary		(es) Un control de acceso inadecuado a los registros en ASP puede permitir que un atacante privilegiado realice un acceso no autorizado a los registros del coprocesador criptográfico (CCP) de ASP desde x86, lo que genera una posible pérdida de control del índice/puntero de la clave criptográfica y, por consiguiente, una pérdida de integridad o confidencialidad.

10 Jun 2025, 17:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-10 17:17

Updated : 2025-06-12 16:06

NVD link : CVE-2023-20599

Mitre link : CVE-2023-20599

CVE.ORG link : CVE-2023-20599

JSON object : View

Products Affected

No product.

CWE

CWE-1262

Improper Access Control for Register Interface

7.9 /10