CVE-2023-20599

Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto Co-Processor (CCP) registers from x86 resulting in potential loss of control of cryptographic key pointer/index leading to loss of integrity or confidentiality.

CVSS v3 7.9 HIGH

7.9^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.5 / Impact : 5.8

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-7039.html

Configurations

No configuration.

History

21 Nov 2025, 21:15

Type	Values Removed	Values Added
References	~~{'url': 'https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7039.html', 'source': '[email protected]'}~~	() https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-7039.html -
Summary	(en) Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto Co-Processor (CCP) registers from x86, resulting in potential loss of control of cryptographic key pointer/index, leading to loss of integrity or confidentiality.	(en) Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto Co-Processor (CCP) registers from x86 resulting in potential loss of control of cryptographic key pointer/index leading to loss of integrity or confidentiality.

Information

Published : 2025-06-10 17:17

Updated : 2025-11-21 21:15

NVD link : CVE-2023-20599

Mitre link : CVE-2023-20599

CVE.ORG link : CVE-2023-20599

JSON object : View

Products Affected

No product.

CWE

CWE-1262

Improper Access Control for Register Interface

7.9 /10