CVE-2023-20596

9.8 CRITICAL

📋 TL;DR

This vulnerability allows attackers with compromised SMI handlers to bypass security boundaries and gain Ring0 (kernel-level) access, potentially leading to arbitrary code execution. It affects AMD systems with vulnerable SMM Supervisor implementations. This is a firmware-level vulnerability requiring local access or prior compromise.

💻 Affected Systems

Products:

• AMD processors with vulnerable SMM Supervisor implementations

Versions: Specific versions not publicly detailed in advisory

Operating Systems: All operating systems running on affected AMD hardware

Default Config Vulnerable: ⚠️ Yes

Notes: Requires AMD AGESA firmware versions with the vulnerability. Check specific processor models against AMD advisory.

📦 What is this software?

Ryzen 3 5125c Firmware by Amd

View all CVEs affecting Ryzen 3 5125c Firmware →

Ryzen 3 5300g Firmware by Amd

View all CVEs affecting Ryzen 3 5300g Firmware →

Ryzen 3 5300ge Firmware by Amd

View all CVEs affecting Ryzen 3 5300ge Firmware →

Ryzen 3 5400u Firmware by Amd

View all CVEs affecting Ryzen 3 5400u Firmware →

Ryzen 3 5425u Firmware by Amd

View all CVEs affecting Ryzen 3 5425u Firmware →

Ryzen 3 7335u Firmware by Amd

View all CVEs affecting Ryzen 3 7335u Firmware →

Ryzen 3 7440u Firmware by Amd

View all CVEs affecting Ryzen 3 7440u Firmware →

Ryzen 5 5500h Firmware by Amd

View all CVEs affecting Ryzen 5 5500h Firmware →

Ryzen 5 5560u Firmware by Amd

View all CVEs affecting Ryzen 5 5560u Firmware →

Ryzen 5 5600g Firmware by Amd

View all CVEs affecting Ryzen 5 5600g Firmware →

Ryzen 5 5600ge Firmware by Amd

View all CVEs affecting Ryzen 5 5600ge Firmware →

Ryzen 5 5600h Firmware by Amd

View all CVEs affecting Ryzen 5 5600h Firmware →

Ryzen 5 5600hs Firmware by Amd

View all CVEs affecting Ryzen 5 5600hs Firmware →

Ryzen 5 5600u Firmware by Amd

View all CVEs affecting Ryzen 5 5600u Firmware →

Ryzen 5 5625u Firmware by Amd

View all CVEs affecting Ryzen 5 5625u Firmware →

Ryzen 5 6600h Firmware by Amd

View all CVEs affecting Ryzen 5 6600h Firmware →

Ryzen 5 6600hs Firmware by Amd

View all CVEs affecting Ryzen 5 6600hs Firmware →

Ryzen 5 6600u Firmware by Amd

View all CVEs affecting Ryzen 5 6600u Firmware →

Ryzen 5 7500f Firmware by Amd

View all CVEs affecting Ryzen 5 7500f Firmware →

Ryzen 5 7535hs Firmware by Amd

View all CVEs affecting Ryzen 5 7535hs Firmware →

Ryzen 5 7535u Firmware by Amd

View all CVEs affecting Ryzen 5 7535u Firmware →

Ryzen 5 7600 Firmware by Amd

View all CVEs affecting Ryzen 5 7600 Firmware →

Ryzen 5 7600x Firmware by Amd

View all CVEs affecting Ryzen 5 7600x Firmware →

Ryzen 5 7640h Firmware by Amd

View all CVEs affecting Ryzen 5 7640h Firmware →

Ryzen 5 Pro 7540u Firmware by Amd

View all CVEs affecting Ryzen 5 Pro 7540u Firmware →

Ryzen 5 Pro 7545u Firmware by Amd

View all CVEs affecting Ryzen 5 Pro 7545u Firmware →

Ryzen 5 Pro 7640hs Firmware by Amd

View all CVEs affecting Ryzen 5 Pro 7640hs Firmware →

Ryzen 5 Pro 7640u Firmware by Amd

View all CVEs affecting Ryzen 5 Pro 7640u Firmware →

Ryzen 5 Pro 7645 Firmware by Amd

View all CVEs affecting Ryzen 5 Pro 7645 Firmware →

Ryzen 7 5700g Firmware by Amd

View all CVEs affecting Ryzen 7 5700g Firmware →

Ryzen 7 5700ge Firmware by Amd

View all CVEs affecting Ryzen 7 5700ge Firmware →

Ryzen 7 5800h Firmware by Amd

View all CVEs affecting Ryzen 7 5800h Firmware →

Ryzen 7 5800hs Firmware by Amd

View all CVEs affecting Ryzen 7 5800hs Firmware →

Ryzen 7 5800u Firmware by Amd

View all CVEs affecting Ryzen 7 5800u Firmware →

Ryzen 7 5825u Firmware by Amd

View all CVEs affecting Ryzen 7 5825u Firmware →

Ryzen 7 6800h Firmware by Amd

View all CVEs affecting Ryzen 7 6800h Firmware →

Ryzen 7 6800hs Firmware by Amd

View all CVEs affecting Ryzen 7 6800hs Firmware →

Ryzen 7 6800u Firmware by Amd

View all CVEs affecting Ryzen 7 6800u Firmware →

Ryzen 7 7700 Firmware by Amd

View all CVEs affecting Ryzen 7 7700 Firmware →

Ryzen 7 7700x Firmware by Amd

View all CVEs affecting Ryzen 7 7700x Firmware →

Ryzen 7 7735hs Firmware by Amd

View all CVEs affecting Ryzen 7 7735hs Firmware →

Ryzen 7 7735u Firmware by Amd

View all CVEs affecting Ryzen 7 7735u Firmware →

Ryzen 7 7736u Firmware by Amd

View all CVEs affecting Ryzen 7 7736u Firmware →

Ryzen 7 7800x3d Firmware by Amd

View all CVEs affecting Ryzen 7 7800x3d Firmware →

Ryzen 7 7840h Firmware by Amd

View all CVEs affecting Ryzen 7 7840h Firmware →

Ryzen 7 Pro 7745 Firmware by Amd

View all CVEs affecting Ryzen 7 Pro 7745 Firmware →

Ryzen 7 Pro 7840hs Firmware by Amd

View all CVEs affecting Ryzen 7 Pro 7840hs Firmware →

Ryzen 7 Pro 7840u Firmware by Amd

View all CVEs affecting Ryzen 7 Pro 7840u Firmware →

Ryzen 9 5900hs Firmware by Amd

View all CVEs affecting Ryzen 9 5900hs Firmware →

Ryzen 9 5900hx Firmware by Amd

View all CVEs affecting Ryzen 9 5900hx Firmware →

Ryzen 9 5980hs Firmware by Amd

View all CVEs affecting Ryzen 9 5980hs Firmware →

Ryzen 9 5980hx Firmware by Amd

View all CVEs affecting Ryzen 9 5980hx Firmware →

Ryzen 9 6900hs Firmware by Amd

View all CVEs affecting Ryzen 9 6900hs Firmware →

Ryzen 9 6900hx Firmware by Amd

View all CVEs affecting Ryzen 9 6900hx Firmware →

Ryzen 9 6980hs Firmware by Amd

View all CVEs affecting Ryzen 9 6980hs Firmware →

Ryzen 9 6980hx Firmware by Amd

View all CVEs affecting Ryzen 9 6980hx Firmware →

Ryzen 9 7900 Firmware by Amd

View all CVEs affecting Ryzen 9 7900 Firmware →

Ryzen 9 7900x Firmware by Amd

View all CVEs affecting Ryzen 9 7900x Firmware →

Ryzen 9 7900x3d Firmware by Amd

View all CVEs affecting Ryzen 9 7900x3d Firmware →

Ryzen 9 7940h Firmware by Amd

View all CVEs affecting Ryzen 9 7940h Firmware →

Ryzen 9 7950x Firmware by Amd

View all CVEs affecting Ryzen 9 7950x Firmware →

Ryzen 9 7950x3d Firmware by Amd

View all CVEs affecting Ryzen 9 7950x3d Firmware →

Ryzen 9 Pro 7940hs Firmware by Amd

View all CVEs affecting Ryzen 9 Pro 7940hs Firmware →

Ryzen 9 Pro 7945 Firmware by Amd

View all CVEs affecting Ryzen 9 Pro 7945 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise with persistent firmware-level malware, data theft, and bypass of all operating system security controls.

🟠

Likely Case

Privilege escalation from compromised SMI handler to kernel-level access, enabling further system exploitation.

🟢

If Mitigated

Limited impact if SMI handlers are properly secured and system integrity protections are enabled.

🌐 Internet-Facing: LOW - Requires local access or prior system compromise to exploit.

🏢 Internal Only: HIGH - Once an attacker gains initial access, this allows privilege escalation to kernel level.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: HIGH

Requires compromising SMI handler first, which is non-trivial. Exploitation requires deep system knowledge and privileged access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: AMD AGESA firmware updates - specific versions depend on motherboard/BIOS vendor

Vendor Advisory: https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7011

Restart Required: Yes

Instructions:

1. Check motherboard/BIOS vendor website for firmware updates. 2. Download latest BIOS/UEFI firmware. 3. Follow vendor-specific flashing instructions. 4. Reboot system after update.

🔧 Temporary Workarounds

Secure Boot Enforcement

all

Enable and enforce Secure Boot to prevent unauthorized code execution at boot time

SMM Call-Out Protection

all

Enable SMM call-out protection in BIOS/UEFI settings if available

🧯 If You Can't Patch

• Isolate affected systems from untrusted networks and users
• Implement strict access controls and monitoring for privileged operations

🔍 How to Verify

Check if Vulnerable:

Copy

Check BIOS/UEFI version against motherboard vendor's patched versions. Use 'wmic bios get smbiosbiosversion' on Windows or 'dmidecode -t bios' on Linux.

Check Version:

Copy

Windows: wmic bios get smbiosbiosversion
Linux: sudo dmidecode -t bios | grep Version

Verify Fix Applied:

Copy

Verify BIOS/UEFI version matches patched version from vendor. Check that AGESA version includes fixes (vendor-specific).

📡 Detection & Monitoring

Log Indicators:

• Unexpected SMI handler modifications
• BIOS/UEFI firmware modification events
• Kernel integrity violations

Network Indicators:

• None - local exploitation only

SIEM Query:

Copy

EventID=12 OR EventID=13 (System integrity events) on Windows; kernel audit logs for integrity violations on Linux

📊 Metadata

CVE ID: CVE-2023-20596

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Published: November 14, 2023

Last Updated: November 21, 2024

🔗 References

• https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7011 Vendor Advisory
• https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7011 Vendor Advisory

📤 Share & Export

Twitter LinkedIn Reddit Copy Link

📄 Export Markdown 📋 Export JSON