Vulnerability Name:
CVE-2020-12967 (CCN-202052)
Assigned:
2020-05-15
Published:
2021-05-11
Updated:
2021-05-25
Summary:
The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor.
CVSS v3 Severity:
7.2 High
(CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
)
6.3 Medium
(Temporal CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
High
User Interaction (UI):
None
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
High
Integrity (I):
High
Availibility (A):
High
7.2 High
(CCN CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
)
6.3 Medium
(CCN Temporal CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
High
User Interaction (UI):
None
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
High
Integrity (I):
High
Availibility (A):
High
CVSS v2 Severity:
9.0 High
(CVSS v2 Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Authentication (Au):
Single_Instance
Impact Metrics:
Confidentiality (C):
Complete
Integrity (I):
Complete
Availibility (A):
Complete
9.0 High
(CCN CVSS v2 Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Athentication (Au):
Single_Instance
Impact Metrics:
Confidentiality (C):
Complete
Integrity (I):
Complete
Availibility (A):
Complete
Vulnerability Type:
CWE-77
Vulnerability Consequences:
Gain Access
References:
Source: MITRE
Type: CNA
CVE-2020-12967
Source: XF
Type: UNKNOWN
amd-cve202012967-code-exec(202052)
Source: CCN
Type: AMD web site
AMD Secure Encrypted Virtualization
Source: MISC
Type: Vendor Advisory
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1004
Vulnerable Configuration:
Configuration 1
:
cpe:/h:amd:epyc_7232p:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7251:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7252:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7261:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7262:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7272:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7281:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7282:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_72f3:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7301:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7302:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7302p:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7351:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7351p:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7371:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7401:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7401p:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7451:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7501:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7513:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7453:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_74f3:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7443p:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7443:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7413:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_73f3:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7343:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7313p:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7313:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7532:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7502:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7502p:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7452:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7402:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7402p:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7352:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7551:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7551p:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7601:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7763:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7713p:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7713:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7663:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7643:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_75f3:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7543p:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7543:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7f72:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7f52:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7f32:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7h12:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7742:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7702:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7702p:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7662:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7642:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7552:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_7542:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_embedded_3351:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_embedded_3255:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_embedded_3251:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_embedded_3201:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_embedded_3151:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_embedded_3101:-:*:*:*:*:*:*:*
OR
cpe:/h:amd:epyc_embedded_3451:-:*:*:*:*:*:*:*
Denotes that component is vulnerable
BACK
amd
epyc 7232p -
amd
epyc 7251 -
amd
epyc 7252 -
amd
epyc 7261 -
amd
epyc 7262 -
amd
epyc 7272 -
amd
epyc 7281 -
amd
epyc 7282 -
amd
epyc 72f3 -
amd
epyc 7301 -
amd
epyc 7302 -
amd
epyc 7302p -
amd
epyc 7351 -
amd
epyc 7351p -
amd
epyc 7371 -
amd
epyc 7401 -
amd
epyc 7401p -
amd
epyc 7451 -
amd
epyc 7501 -
amd
epyc 7513 -
amd
epyc 7453 -
amd
epyc 74f3 -
amd
epyc 7443p -
amd
epyc 7443 -
amd
epyc 7413 -
amd
epyc 73f3 -
amd
epyc 7343 -
amd
epyc 7313p -
amd
epyc 7313 -
amd
epyc 7532 -
amd
epyc 7502 -
amd
epyc 7502p -
amd
epyc 7452 -
amd
epyc 7402 -
amd
epyc 7402p -
amd
epyc 7352 -
amd
epyc 7551 -
amd
epyc 7551p -
amd
epyc 7601 -
amd
epyc 7763 -
amd
epyc 7713p -
amd
epyc 7713 -
amd
epyc 7663 -
amd
epyc 7643 -
amd
epyc 75f3 -
amd
epyc 7543p -
amd
epyc 7543 -
amd
epyc 7f72 -
amd
epyc 7f52 -
amd
epyc 7f32 -
amd
epyc 7h12 -
amd
epyc 7742 -
amd
epyc 7702 -
amd
epyc 7702p -
amd
epyc 7662 -
amd
epyc 7642 -
amd
epyc 7552 -
amd
epyc 7542 -
amd
epyc embedded 3351 -
amd
epyc embedded 3255 -
amd
epyc embedded 3251 -
amd
epyc embedded 3201 -
amd
epyc embedded 3151 -
amd
epyc embedded 3101 -
amd
epyc embedded 3451 -
Denotes that component is vulnerable