What is the severity of CVE-2023-20530?

The severity of CVE-2023-20530 is high (7.5).

How does CVE-2023-20530 impact AMD Epyc 7003 firmware?

CVE-2023-20530 affects AMD Epyc 7003 firmware version milanpi_1.0.0.5 and may result in out-of-bounds memory reads potentially causing a denial of service.

Is AMD Epyc 7003 vulnerable to CVE-2023-20530?

Yes, AMD Epyc 7003 firmware version milanpi_1.0.0.5 is vulnerable to CVE-2023-20530.

How can I fix CVE-2023-20530?

To fix CVE-2023-20530, apply the latest firmware update provided by AMD for the affected systems.

Where can I find more information about CVE-2023-20530?

You can find more information about CVE-2023-20530 on the AMD product security bulletin at the following link: [AMD Product Security Bulletin](https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032).

Vulnerability/
CVE-2023-20530

high

7.5

CWE

10/1/2023

2/8/2024

CVE-2023-20530: Input Validation

First published: Tue Jan 10 2023(Updated: )

Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a denial of service.

Credit: psirt@amd.com

Affected Software	Affected Version	How to fix
AMD EPYC 7003 Firmware	<milanpi_1.0.0.5
AMD EPYC 7003 Firmware
AMD EPYC 72F3 Firmware	<milanpi_1.0.0.5
AMD EPYC 72F3 Firmware
AMD EPYC 7313P Firmware	<milanpi_1.0.0.5
AMD EPYC 7313 Firmware
AMD EPYC 7313P Firmware	<milanpi_1.0.0.5
AMD EPYC 7313P Firmware
Amd Epyc Server Firmware	<milanpi_1.0.0.5
AMD EPYC 7343 Firmware
AMD EPYC 7373X Firmware	<milanpi_1.0.0.5
AMD EPYC 7373X Firmware
AMD EPYC 73F3 Firmware	<milanpi_1.0.0.5
AMD EPYC 73F3 Firmware
AMD EPYC 7413 Firmware	<milanpi_1.0.0.5
AMD EPYC 7413 Firmware
AMD EPYC 7443P Firmware	<milanpi_1.0.0.5
AMD EPYC 7443P
AMD EPYC 7443P Firmware	<milanpi_1.0.0.5
AMD EPYC 7443P Firmware
Amd Epyc Server Firmware	<milanpi_1.0.0.5
AMD EPYC 7453
AMD EPYC 74F3 Firmware	<milanpi_1.0.0.5
AMD EPYC 74F3 Firmware
AMD EPYC 7513 Firmware	<milanpi_1.0.0.5
AMD EPYC 7513 Firmware
Amd Epyc Server Firmware	<milanpi_1.0.0.5
AMD EPYC 7543 Firmware
AMD EPYC 7543P Firmware	<milanpi_1.0.0.5
AMD EPYC 7543P Firmware
AMD EPYC 7573X Firmware	<milanpi_1.0.0.5
AMD EPYC 7573X Firmware
AMD EPYC 75F3 Firmware	<milanpi_1.0.0.5
AMD EPYC 75F3 Firmware
AMD EPYC 7643P Firmware	<milanpi_1.0.0.5
AMD EPYC 7643 Firmware
AMD EPYC 7663 Firmware	<milanpi_1.0.0.5
AMD EPYC 7663 Firmware
AMD EPYC 7713P Firmware	<milanpi_1.0.0.5
AMD EPYC 7713 Firmware
AMD EPYC 7713P Firmware	<milanpi_1.0.0.5
AMD EPYC 7713P Firmware
AMD EPYC 7743 Firmware	<milanpi_1.0.0.5
AMD EPYC 7743 Firmware
AMD EPYC 7763 Firmware	<milanpi_1.0.0.5
AMD EPYC 7763 Firmware
AMD EPYC 7773X Firmware	<milanpi_1.0.0.5
AMD EPYC 7773X Firmware

Never miss a vulnerability like this again

Reference Links

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032

Frequently Asked Questions

What is the severity of CVE-2023-20530?
The severity of CVE-2023-20530 is high (7.5).
How does CVE-2023-20530 impact AMD Epyc 7003 firmware?
CVE-2023-20530 affects AMD Epyc 7003 firmware version milanpi_1.0.0.5 and may result in out-of-bounds memory reads potentially causing a denial of service.
Is AMD Epyc 7003 vulnerable to CVE-2023-20530?
Yes, AMD Epyc 7003 firmware version milanpi_1.0.0.5 is vulnerable to CVE-2023-20530.
How can I fix CVE-2023-20530?
To fix CVE-2023-20530, apply the latest firmware update provided by AMD for the affected systems.
Where can I find more information about CVE-2023-20530?
You can find more information about CVE-2023-20530 on the AMD product security bulletin at the following link: [AMD Product Security Bulletin](https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032).