{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-20585", "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "state": "PUBLISHED", "assignerShortName": "AMD", "dateReserved": "2022-10-27T18:53:39.759Z", "datePublished": "2026-04-16T18:42:28.281Z", "dateUpdated": "2026-04-16T19:12:06.991Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "shortName": "AMD", "dateUpdated": "2026-04-16T19:12:06.991Z"}, "datePublic": "2026-04-16T18:42:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-788", "description": "CWE-788 Access of Memory Location After End of Buffer", "type": "CWE"}]}], "affected": [{"vendor": "AMD", "product": "AMD EPYC\u2122 7003 Series Processors", "versions": [{"status": "unaffected", "version": "SEV FW 1.37.23"}], "defaultStatus": "affected"}, {"vendor": "AMD", "product": "AMD EPYC\u2122 9004 Series Processors", "versions": [{"status": "unaffected", "version": "SEV FW 1.37.31"}], "defaultStatus": "affected"}, {"vendor": "AMD", "product": "AMD EPYC\u2122 Embedded 7003 Series Processors", "versions": [{"status": "unaffected", "version": "EmbMilanPI-SP3 1.0.0.B"}], "defaultStatus": "affected"}, {"vendor": "AMD", "product": "AMD EPYC\u2122 Embedded 9004 Series Processors", "versions": [{"status": "unaffected", "version": "EmbGenoaPI-1.0.0.A"}], "defaultStatus": "affected"}], "descriptions": [{"lang": "en", "value": "Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting in a potential loss of confidential guest integrity.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting in a potential loss of confidential guest integrity."}]}], "references": [{"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3016.html"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 5.6, "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "AMD PSIRT Automation 1.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-16T18:58:05.996293Z", "id": "CVE-2023-20585", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-16T18:58:58.114Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-20585", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-16T18:58:05.996293Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-16T18:58:11.213Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.6, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "AMD", "product": "AMD EPYC\u2122 7003 Series Processors", "versions": [{"status": "unaffected", "version": "SEV FW 1.37.23"}], "defaultStatus": "affected"}, {"vendor": "AMD", "product": "AMD EPYC\u2122 9004 Series Processors", "versions": [{"status": "unaffected", "version": "SEV FW 1.37.31"}], "defaultStatus": "affected"}, {"vendor": "AMD", "product": "AMD EPYC\u2122 Embedded 7003 Series Processors", "versions": [{"status": "unaffected", "version": "EmbMilanPI-SP3 1.0.0.B"}], "defaultStatus": "affected"}, {"vendor": "AMD", "product": "AMD EPYC\u2122 Embedded 9004 Series Processors", "versions": [{"status": "unaffected", "version": "EmbGenoaPI-1.0.0.A"}], "defaultStatus": "affected"}], "datePublic": "2026-04-16T18:42:00.000Z", "references": [{"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3016.html"}], "x_generator": {"engine": "AMD PSIRT Automation 1.0"}, "descriptions": [{"lang": "en", "value": "Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting in a potential loss of confidential guest integrity.", "supportingMedia": [{"type": "text/html", "value": "Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting in a potential loss of confidential guest integrity.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-788", "description": "CWE-788 Access of Memory Location After End of Buffer"}]}], "providerMetadata": {"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "shortName": "AMD", "dateUpdated": "2026-04-16T19:12:06.991Z"}}}, "cveMetadata": {"cveId": "CVE-2023-20585", "state": "PUBLISHED", "dateUpdated": "2026-04-16T19:12:06.991Z", "dateReserved": "2022-10-27T18:53:39.759Z", "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "datePublished": "2026-04-16T18:42:28.281Z", "assignerShortName": "AMD"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting in a potential loss of confidential guest integrity."}], "id": "CVE-2023-20585", "lastModified": "2026-04-17T15:14:05.510", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "psirt@amd.com", "type": "Secondary"}]}, "published": "2026-04-16T19:16:31.430", "references": [{"source": "psirt@amd.com", "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3016.html"}], "sourceIdentifier": "psirt@amd.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-788"}], "source": "psirt@amd.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "SEV FW 1.37.23"}}], "enrichment": {"confidence": 93.0, "confidence_source": "matching", "scores": [{"score": 93.0, "source": "matching"}]}, "original": {"product": "AMD EPYC\u2122 7003 Series Processors", "source": "cna", "vendor": "AMD"}, "product": "epyc_7003_series_processors", "vendor": "amd"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "SEV FW 1.37.31"}}], "enrichment": {"confidence": 93.0, "confidence_source": "matching", "scores": [{"score": 93.0, "source": "matching"}]}, "original": {"product": "AMD EPYC\u2122 9004 Series Processors", "source": "cna", "vendor": "AMD"}, "product": "epyc_9004_series_processors", "vendor": "amd"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "EmbMilanPI-SP3 1.0.0.B"}}], "enrichment": {"confidence": 94.0, "confidence_source": "matching", "scores": [{"score": 94.0, "source": "matching"}]}, "original": {"product": "AMD EPYC\u2122 Embedded 7003 Series Processors", "source": "cna", "vendor": "AMD"}, "product": "epyc_embedded_7003_series_processors", "vendor": "amd"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "EmbGenoaPI-1.0.0.A"}}], "enrichment": {"confidence": 94.0, "confidence_source": "matching", "scores": [{"score": 94.0, "source": "matching"}]}, "original": {"product": "AMD EPYC\u2122 Embedded 9004 Series Processors", "source": "cna", "vendor": "AMD"}, "product": "epyc_embedded_9004_series_processors", "vendor": "amd"}], "analysis": {"en": {"generated_at": "2026-04-17T02:53:01.009790+00:00", "value": {"mitigation_remediation": ["Apply any AMD firmware or BIOS update that fixes the RMP check flaw for the affected EPYC processors", "Restrict hypervisor privilege levels to reduce the possibility that a privileged attacker can direct host buffer accesses", "Configure host and guest logging to capture anomalous buffer access events and investigate suspicious activity"], "summary": {"action": "Assess Impact", "impact": "Potential loss of guest integrity due to out\u2011of\u2011bounds host buffer access"}, "threat_synthesis": {"affected_systems": "The flaw affects AMD EPYC 7003 Series Processors, AMD EPYC 9004 Series Processors, AMD EPYC Embedded 7003 Series Processors, and AMD EPYC Embedded 9004 Series Processors. No specific firmware or minor version details are provided, so all processors listed are considered potentially vulnerable.", "description_and_impact": "The vulnerability stems from insufficient checks of the RMP on host buffer access in the IOMMU. A privileged attacker who has already compromised the hypervisor can trigger an out\u2011of\u2011bounds condition that bypasses RMP checks, leading to a potential loss of confidential guest integrity. The description does not state other impacts such as privilege escalation or data read/write beyond the loss of integrity.", "risk_and_exploitability": "A CVSS score of 5.6 indicates medium severity. No EPSS score is available and the vulnerability is not listed in CISA's KEV catalog, implying limited public exploitation. Exploitation requires a hypervisor that has already been compromised and sufficient privileges to direct host buffer accesses, which reduces the potential scope of broad attacks but still presents a meaningful risk to virtualized environments using these processors."}}}}, "created": "2026-04-17T03:00:08.440333+00:00", "title": "Insufficient RMP Checks in IOMMU Allow Host Buffer Out\u2011of\u2011Bounds Access", "updated": "2026-04-20T15:00:09.523172+00:00", "vendors": ["amd", "amd$PRODUCT$epyc_7003_series_processors", "amd$PRODUCT$epyc_9004_series_processors", "amd$PRODUCT$epyc_embedded_7003_series_processors", "amd$PRODUCT$epyc_embedded_9004_series_processors"]}