CVE-2023-20514
Arbitrary Code Execution via Parameter Handling in AMD Secure Processor
Publication date: 2026-02-11
Last updated on: 2026-02-11
Assigner: Advanced Micro Devices Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| amd | secure_processor | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-233 | The product does not properly handle when the expected number of parameters, fields, or arguments is not provided in input, or if those parameters are undefined. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves improper handling of parameters in the AMD Secure Processor (ASP). It allows a privileged attacker to pass an arbitrary memory value to functions within the trusted execution environment, which can lead to arbitrary code execution.
How can this vulnerability impact me? :
The impact of this vulnerability is that a privileged attacker could execute arbitrary code within the trusted execution environment of the AMD Secure Processor. This could compromise the security and integrity of sensitive operations and data handled by the processor.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know