CVE-2023-20578
First published: Tue Aug 13 2024(Updated: )
A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell to modify the communications buffer potentially resulting in arbitrary code execution.
Credit: psirt@amd.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| AMD EPYC 8024PN Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 8024PN Firmware | ||
| All of | ||
| AMD EPYC 8024PN Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 8024PN Firmware | ||
| All of | ||
| AMD EPYC 8124PN | <genoapi_1.0.0.2 | |
| AMD EPYC 8124PN Firmware | ||
| All of | ||
| AMD EPYC Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 8124P Firmware | ||
| All of | ||
| AMD EPYC 8224PN Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 8224PN Firmware | ||
| All of | ||
| AMD EPYC 8224PN Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 8224P Firmware | ||
| All of | ||
| AMD EPYC 8324PN Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 8324PN Firmware | ||
| All of | ||
| AMD EPYC 8324P Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 8324P Firmware | ||
| All of | ||
| AMD EPYC 8434P Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 8434PN Firmware | ||
| All of | ||
| AMD EPYC 8434P Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 8434P Firmware | ||
| All of | ||
| AMD EPYC 8534PN Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 8534PN Firmware | ||
| All of | ||
| AMD EPYC Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 8534P Firmware | ||
| All of | ||
| AMD EPYC 9734 Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9734 Firmware | ||
| All of | ||
| AMD EPYC 9754S Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9754S Firmware | ||
| All of | ||
| Amd Epyc Server Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9754 Firmware | ||
| All of | ||
| AMD EPYC 9184X Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9184X firmware | ||
| All of | ||
| AMD EPYC 9384X Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9384X Firmware | ||
| All of | ||
| AMD EPYC 9684X Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9684X Firmware | ||
| All of | ||
| AMD EPYC 9124 Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9124 Firmware | ||
| All of | ||
| AMD EPYC 9174F Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9174F Firmware | ||
| All of | ||
| AMD EPYC 9224 Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9224 | ||
| All of | ||
| AMD EPYC 9254 Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9254 Firmware | ||
| All of | ||
| AMD EPYC 9274F Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9274F Firmware | ||
| All of | ||
| AMD EPYC 9334 firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9334 firmware | ||
| All of | ||
| AMD EPYC 9354 Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9354P | ||
| All of | ||
| AMD EPYC 9354P Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9354P | ||
| All of | ||
| AMD EPYC 9374F Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9374F Firmware | ||
| All of | ||
| AMD EPYC 9454P Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9454P | ||
| All of | ||
| AMD EPYC 9454P Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9454P Firmware | ||
| All of | ||
| AMD EPYC 9474F Firmware | <genoapi_1.0.0.2 | |
| AMD Epyc 9474F Firmware | ||
| All of | ||
| AMD EPYC 9534 Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9534 Firmware | ||
| All of | ||
| AMD EPYC 9554P Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9554 Firmware | ||
| All of | ||
| AMD EPYC 9554P Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9554P | ||
| All of | ||
| AMD EPYC 9634 Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9634 Firmware | ||
| All of | ||
| AMD EPYC 9654 Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9654 firmware | ||
| All of | ||
| AMD EPYC 9654P Firmware | <genoapi_1.0.0.2 | |
| AMD EPYC 9654P Firmware | ||
| All of | ||
| AMD EPYC 7203 Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7203 Firmware | ||
| All of | ||
| AMD EPYC Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7203P Firmware | ||
| All of | ||
| AMD EPYC 72F3 Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 72F3 Firmware | ||
| All of | ||
| AMD EPYC 7303 Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7303 Firmware | ||
| All of | ||
| AMD EPYC 7303P Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7303P | ||
| All of | ||
| AMD EPYC Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7313 Firmware | ||
| All of | ||
| AMD EPYC 7313P Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7313P Firmware | ||
| All of | ||
| Amd Epyc Server Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7343 Firmware | ||
| All of | ||
| AMD EPYC 73F3 Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 73F3 Firmware | ||
| All of | ||
| AMD EPYC 7373X Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7373X Firmware | ||
| All of | ||
| AMD EPYC 7413 Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7413 Firmware | ||
| All of | ||
| AMD EPYC 7443P Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7443P | ||
| All of | ||
| AMD EPYC 7443P Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7443P Firmware | ||
| All of | ||
| AMD EPYC 74F3 Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 74F3 Firmware | ||
| All of | ||
| Amd Epyc Server Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC Server | ||
| All of | ||
| AMD EPYC 7473X Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7473X Firmware | ||
| All of | ||
| AMD EPYC 7513 Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7513 Firmware | ||
| All of | ||
| Amd Epyc Server Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7543 Firmware | ||
| All of | ||
| AMD EPYC 7543P Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7543P Firmware | ||
| All of | ||
| AMD EPYC 75F3 Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 75F3 Firmware | ||
| All of | ||
| AMD EPYC 7573X Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7573X Firmware | ||
| All of | ||
| AMD EPYC 7643P Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7643 Firmware | ||
| All of | ||
| AMD EPYC 7773X Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7773X Firmware | ||
| All of | ||
| AMD EPYC Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7643P Firmware | ||
| All of | ||
| AMD EPYC 7663 Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7663 Firmware | ||
| All of | ||
| AMD EPYC 7663P Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7663P Firmware | ||
| All of | ||
| AMD EPYC 7713P Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7713 Firmware | ||
| All of | ||
| AMD EPYC 7713P Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7713P Firmware | ||
| All of | ||
| AMD EPYC 7763 Firmware | <milanpi_1.0.0.5 | |
| AMD EPYC 7763 Firmware | ||
| All of | ||
| AMD EPYC 7H12 Firmware | <romepi_1.0.0.g | |
| AMD EPYC 7H12 Firmware | ||
| All of | ||
| AMD EPYC 7F72 | <romepi_1.0.0.g | |
| AMD EPYC 7F72 Firmware | ||
| All of | ||
| AMD EPYC 7F52 Firmware | <romepi_1.0.0.g | |
| AMD EPYC 7F52 Firmware | ||
| All of | ||
| AMD EPYC 7F32 Firmware | <romepi_1.0.0.g | |
| AMD EPYC 7F32 Firmware | ||
| All of | ||
| AMD EPYC 7742 Firmware | <romepi_1.0.0.g | |
| AMD EPYC Server | ||
| All of | ||
| AMD EPYC 7702 Firmware | <romepi_1.0.0.g | |
| AMD EPYC 7702P | ||
| All of | ||
| AMD EPYC 7702p firmware | <romepi_1.0.0.g | |
| AMD EPYC Server | ||
| All of | ||
| AMD EPYC 7662 Firmware | <romepi_1.0.0.g | |
| AMD EPYC 7662 Firmware | ||
| All of | ||
| AMD EPYC 7642 Firmware | <romepi_1.0.0.g | |
| AMD EPYC 7642 Firmware | ||
| All of | ||
| AMD EPYC 7552 Firmware | <romepi_1.0.0.g | |
| AMD EPYC 7552 Firmware | ||
| All of | ||
| AMD EPYC 7542 Firmware | <romepi_1.0.0.g | |
| AMD EPYC Server | ||
| All of | ||
| AMD EPYC 7532 Firmware | <romepi_1.0.0.g | |
| AMD EPYC 7532 Firmware | ||
| All of | ||
| AMD EPYC 7502P Firmware | <romepi_1.0.0.g | |
| AMD EPYC 7502P Firmware | ||
| All of | ||
| AMD EPYC 7502 Firmware | <romepi_1.0.0.g | |
| AMD EPYC 7502 firmware | ||
| All of | ||
| AMD EPYC 7452 Firmware | <romepi_1.0.0.g | |
| AMD EPYC Server | ||
| All of | ||
| AMD EPYC 7402P Firmware | <romepi_1.0.0.g | |
| AMD EPYC 7402P Firmware | ||
| All of | ||
| Amd Epyc Server Firmware | <romepi_1.0.0.g | |
| AMD EPYC 7402 Firmware | ||
| All of | ||
| AMD EPYC Firmware | <romepi_1.0.0.g | |
| AMD EPYC 7352 firmware | ||
| All of | ||
| AMD EPYC 7302P Firmware | <romepi_1.0.0.g | |
| AMD EPYC 7302P Firmware | ||
| All of | ||
| Amd Epyc Server Firmware | <romepi_1.0.0.g | |
| AMD EPYC 7302 Firmware | ||
| All of | ||
| AMD EPYC 7282 Firmware | <romepi_1.0.0.g | |
| AMD EPYC 7282 Firmware | ||
| All of | ||
| AMD EPYC 7272 firmware | <romepi_1.0.0.g | |
| AMD EPYC 7272 firmware | ||
| All of | ||
| AMD EPYC 7262 Firmware | <romepi_1.0.0.g | |
| AMD EPYC 7262 Firmware | ||
| All of | ||
| AMD EPYC 7252 Firmware | <romepi_1.0.0.g | |
| AMD EPYC 7252 Firmware | ||
| All of | ||
| AMD EPYC 7232p firmware | <romepi_1.0.0.g | |
| AMD EPYC 7232p firmware | ||
| All of | ||
| AMD EPYC 7601 Firmware | <naplespi_1.0.0.k | |
| AMD EPYC 7601 Firmware | ||
| All of | ||
| AMD EPYC 7551P Firmware | <naplespi_1.0.0.k | |
| AMD EPYC 7551P Firmware | ||
| All of | ||
| AMD EPYC 7551P Firmware | <naplespi_1.0.0.k | |
| AMD EPYC 7551 Firmware | ||
| All of | ||
| AMD EPYC 7501 Firmware | <naplespi_1.0.0.k | |
| AMD EPYC Server | ||
| All of | ||
| AMD EPYC 7451 Firmware | <naplespi_1.0.0.k | |
| AMD EPYC 7451 Firmware | ||
| All of | ||
| AMD EPYC 7401P Firmware | <naplespi_1.0.0.k | |
| AMD EPYC 7401P Firmware | ||
| All of | ||
| AMD EPYC 7401P Firmware | <naplespi_1.0.0.k | |
| AMD EPYC 7401 Firmware | ||
| All of | ||
| AMD EPYC 7371 Firmware | <naplespi_1.0.0.k | |
| AMD EPYC 7371 Firmware | ||
| All of | ||
| AMD EPYC 7351P Firmware | <naplespi_1.0.0.k | |
| AMD EPYC 7351P Firmware | ||
| All of | ||
| AMD EPYC 7351P Firmware | <naplespi_1.0.0.k | |
| AMD EPYC 7351 Firmware | ||
| All of | ||
| Amd Epyc Server Firmware | <naplespi_1.0.0.k | |
| AMD EPYC 7301 Firmware | ||
| All of | ||
| Amd Epyc Server Firmware | <naplespi_1.0.0.k | |
| AMD EPYC Server | ||
| All of | ||
| AMD EPYC 7261 Firmware | <naplespi_1.0.0.k | |
| AMD EPYC 7261 | ||
| All of | ||
| AMD EPYC 7251 Firmware | <naplespi_1.0.0.k | |
| AMD EPYC 7251 Firmware | ||
| All of | ||
| Amd Epyc Server Firmware | <naplespi_1.0.0.k | |
| AMD EPYC 7001 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2023-20578?
CVE-2023-20578 has a severity rating of critical due to its potential for arbitrary code execution by an attacker with ring0 privileges.
How do I fix CVE-2023-20578?
To fix CVE-2023-20578, you should update your AMD Epyc firmware to a version that is not affected, specifically above genoapi_1.0.0.2 for designated models.
Which devices are affected by CVE-2023-20578?
CVE-2023-20578 affects various AMD Epyc firmware versions prior to genoapi_1.0.0.2 on multiple Amd Epyc models.
What is a TOCTOU vulnerability in the context of CVE-2023-20578?
A TOCTOU vulnerability, as seen in CVE-2023-20578, refers to the potential for an attacker to exploit a race condition between checking and using a resource.
Is CVE-2023-20578 currently being exploited in the wild?
As of now, there are no confirmed reports of CVE-2023-20578 being actively exploited in the wild.
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- agent/weakness
- agent/severity
- agent/source
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/amd
- canonical/amd epyc 8024pn firmware
- canonical/amd epyc 8124pn
- canonical/amd epyc 8124pn firmware
- canonical/amd epyc 8124p firmware
- canonical/amd epyc 8224pn firmware
- canonical/amd epyc 8224p firmware
- canonical/amd epyc 8324pn firmware
- canonical/amd epyc 8324p firmware
- canonical/amd epyc 8434p firmware
- canonical/amd epyc 8434pn firmware
- canonical/amd epyc 8534pn firmware
- canonical/amd epyc firmware
- canonical/amd epyc 8534p firmware
- canonical/amd epyc 9734 firmware
- canonical/amd epyc 9754s firmware
- canonical/amd epyc server firmware
- canonical/amd epyc 9754 firmware
- canonical/amd epyc 9184x firmware
- canonical/amd epyc 9384x firmware
- canonical/amd epyc 9684x firmware
- canonical/amd epyc 9124 firmware
- canonical/amd epyc 9174f firmware
- canonical/amd epyc 9224 firmware
- canonical/amd epyc 9224
- canonical/amd epyc 9254 firmware
- canonical/amd epyc 9274f firmware
- canonical/amd epyc 9334 firmware
- canonical/amd epyc 9354 firmware
- canonical/amd epyc 9354p
- canonical/amd epyc 9354p firmware
- canonical/amd epyc 9374f firmware
- canonical/amd epyc 9454p firmware
- canonical/amd epyc 9454p
- canonical/amd epyc 9474f firmware
- canonical/amd epyc 9534 firmware
- canonical/amd epyc 9554p firmware
- canonical/amd epyc 9554 firmware
- canonical/amd epyc 9554p
- canonical/amd epyc 9634 firmware
- canonical/amd epyc 9654 firmware
- canonical/amd epyc 9654p firmware
- canonical/amd epyc 7203 firmware
- canonical/amd epyc 7203p firmware
- canonical/amd epyc 72f3 firmware
- canonical/amd epyc 7303 firmware
- canonical/amd epyc 7303p firmware
- canonical/amd epyc 7303p
- canonical/amd epyc 7313 firmware
- canonical/amd epyc 7313p firmware
- canonical/amd epyc 7343 firmware
- canonical/amd epyc 73f3 firmware
- canonical/amd epyc 7373x firmware
- canonical/amd epyc 7413 firmware
- canonical/amd epyc 7443p firmware
- canonical/amd epyc 7443p
- canonical/amd epyc 74f3 firmware
- canonical/amd epyc server
- canonical/amd epyc 7473x firmware
- canonical/amd epyc 7513 firmware
- canonical/amd epyc 7543 firmware
- canonical/amd epyc 7543p firmware
- canonical/amd epyc 75f3 firmware
- canonical/amd epyc 7573x firmware
- canonical/amd epyc 7643p firmware
- canonical/amd epyc 7643 firmware
- canonical/amd epyc 7773x firmware
- canonical/amd epyc 7663 firmware
- canonical/amd epyc 7663p firmware
- canonical/amd epyc 7713p firmware
- canonical/amd epyc 7713 firmware
- canonical/amd epyc 7763 firmware
- canonical/amd epyc 7h12 firmware
- canonical/amd epyc 7f72
- canonical/amd epyc 7f72 firmware
- canonical/amd epyc 7f52 firmware
- canonical/amd epyc 7f32 firmware
- canonical/amd epyc 7742 firmware
- canonical/amd epyc 7702 firmware
- canonical/amd epyc 7702p
- canonical/amd epyc 7702p firmware
- canonical/amd epyc 7662 firmware
- canonical/amd epyc 7642 firmware
- canonical/amd epyc 7552 firmware
- canonical/amd epyc 7542 firmware
- canonical/amd epyc 7532 firmware
- canonical/amd epyc 7502p firmware
- canonical/amd epyc 7502 firmware
- canonical/amd epyc 7452 firmware
- canonical/amd epyc 7402p firmware
- canonical/amd epyc 7402 firmware
- canonical/amd epyc 7352 firmware
- canonical/amd epyc 7302p firmware
- canonical/amd epyc 7302 firmware
- canonical/amd epyc 7282 firmware
- canonical/amd epyc 7272 firmware
- canonical/amd epyc 7262 firmware
- canonical/amd epyc 7252 firmware
- canonical/amd epyc 7232p firmware
- canonical/amd epyc 7601 firmware
- canonical/amd epyc 7551p firmware
- canonical/amd epyc 7551 firmware
- canonical/amd epyc 7501 firmware
- canonical/amd epyc 7451 firmware
- canonical/amd epyc 7401p firmware
- canonical/amd epyc 7401 firmware
- canonical/amd epyc 7371 firmware
- canonical/amd epyc 7351p firmware
- canonical/amd epyc 7351 firmware
- canonical/amd epyc 7301 firmware
- canonical/amd epyc 7261 firmware
- canonical/amd epyc 7261
- canonical/amd epyc 7251 firmware
- canonical/amd epyc 7001 firmware