CVE-2023-20514

CVE-2023-20514 PUBLISHED

Assigner: AMD
Reserved: 27.10.2022 Published: 11.02.2026 Updated: 11.02.2026

Improper handling of parameters in the AMD Secure Processor (ASP) could allow a privileged attacker to pass an arbitrary memory value to functions in the trusted execution environment resulting in arbitrary code execution

Metrics

CVSS Vector: CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
CVSS Score: 8.7

Exploitability Metrics		Vulnerable System Impact Metrics		Subsequent System Impact Metrics
Attack Vector	Local	Confidentiality	High	Confidentiality	High
Attack Complexity	High	Integrity	High	Integrity	High
Attack Requirements	None	Availability	High	Availability	High
Privileges Required	High
User Interaction	None

CVSS 4.0

Product Status

Vendor	AMD
Product	AMD Radeon™ RX 6000 Series Graphics Products
Versions	Default: affected Version AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10) is unaffected

Vendor

AMD

Product

AMD Radeon™ RX 6000 Series Graphics Products

Versions

Default: affected

Version AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10) is unaffected

Vendor	AMD
Product	AMD Radeon™ PRO W6000 Series Graphics Products
Versions	Default: affected Version AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10) is unaffected

Vendor

AMD

Product

AMD Radeon™ PRO W6000 Series Graphics Products

Versions

Default: affected

Version AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10) is unaffected

Vendor	AMD
Product	AMD Radeon™ RX 7000 Series Graphics Products
Versions	Default: affected Version AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10) is unaffected

Vendor

AMD

Product

AMD Radeon™ RX 7000 Series Graphics Products

Versions

Default: affected

Version AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10) is unaffected

Vendor	AMD
Product	AMD Radeon™ PRO W7000 Series Graphics Products
Versions	Default: affected Version AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10) is unaffected

Vendor

AMD

Product

AMD Radeon™ PRO W7000 Series Graphics Products

Versions

Default: affected

Version AMD Software: Adrenalin Edition 25.5.1 (25.10.01.09), AMD Software: PRO Edition 25.Q2 (25.10.10) is unaffected

Vendor	AMD
Product	AMD Radeon™ PRO VII
Versions	Default: affected Version AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA) is unaffected

Vendor

AMD

Product

AMD Radeon™ PRO VII

Versions

Default: affected

Version AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA) is unaffected

Vendor	AMD
Product	AMD Radeon™ VII
Versions	Default: affected Version AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA) is unaffected

Vendor

AMD

Product

AMD Radeon™ VII

Versions

Default: affected

Version AMD Software: Adrenalin Edition 25.5.1 (23.19.23.01 pre-RDNA), AMD Software: PRO Edition 25.Q2 (23.19.23.01 pre-RDNA) is unaffected

Vendor	AMD
Product	AMD Radeon™ PRO V620
Versions	Default: affected Version Contact your AMD Customer Engineering representative is unaffected

Vendor

AMD

Product

AMD Radeon™ PRO V620

Versions

Default: affected

Version Contact your AMD Customer Engineering representative is unaffected

Vendor	AMD
Product	AMD Radeon™ PROV710
Versions	Default: affected Version Contact your AMD Customer Engineering representative is unaffected

Vendor

AMD

Product

AMD Radeon™ PROV710

Versions

Default: affected

Version Contact your AMD Customer Engineering representative is unaffected

References

Problem Types

CWE-233 Improper Handling of Parameters CWE