CVE-2023-20508

Description

Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds write to a memory location not controlled by the attacker, potentially leading to loss of confidentiality, integrity, or availability.

Category

5.0
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.03%
Affected: AMD AMD Radeon™ RX 6000 Series Graphics Products
Affected: AMD AMD Radeon™ PRO W6000 Series Graphics Products
Affected: AMD AMD Radeon™ Instinct™ MI25
Affected: AMD AMD Radeon™ PRO V520
Affected: AMD AMD Radeon™ PRO V620
Affected: AMD AMD Radeon™ PRO V710
Affected: AMD AMD Instinct™ MI300A
Affected: AMD AMD Instinct™ MI300X
Affected: AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics
Affected: AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics
Affected: AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics
Affected: AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics
Affected: AMD AMD Ryzen™ 5000 Series Desktop Processors
Affected: AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics
Affected: AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics
Affected: AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics
Affected: AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics
Affected: AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics
Affected: AMD AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics
Affected: AMD AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics
Affected: AMD AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics
Affected: AMD AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics
Affected: AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics
Affected: AMD AMD Ryzen™ 7030 Series Processors with Radeon™ Graphics
Affected: AMD AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics
Affected: AMD AMD Ryzen™ 7000 Series Desktop Processors
Affected: AMD AMD Ryzen™ 7045 Series Mobile Processors
Published at:
Updated at:

References

Link Tags
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6008.html

Frequently Asked Questions

What is the severity of CVE-2023-20508?
CVE-2023-20508 has been scored as a medium severity vulnerability.
How to fix CVE-2023-20508?
To fix CVE-2023-20508, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2023-20508 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2023-20508 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-20508?
CVE-2023-20508 affects AMD AMD Radeon™ RX 6000 Series Graphics Products, AMD AMD Radeon™ PRO W6000 Series Graphics Products, AMD AMD Radeon™ Instinct™ MI25, AMD AMD Radeon™ PRO V520, AMD AMD Radeon™ PRO V620, AMD AMD Radeon™ PRO V710, AMD AMD Instinct™ MI300A, AMD AMD Instinct™ MI300X, AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics, AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics, AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics, AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics, AMD AMD Ryzen™ 5000 Series Desktop Processors, AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics, AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics, AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics, AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics, AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics, AMD AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics, AMD AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics, AMD AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics, AMD AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics, AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics, AMD AMD Ryzen™ 7030 Series Processors with Radeon™ Graphics, AMD AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics, AMD AMD Ryzen™ 7000 Series Desktop Processors, AMD AMD Ryzen™ 7045 Series Mobile Processors.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.