WARNING: Important sensitive information disclosure vulnerability in AMD Zen CPUs
The vulnerability has a HIGH impact on Confidentiality that affects all operating systems, as it is a hardware flaw affecting AMD processors.
Furthermore, exploit code is publicly available for this vulnerability.
CVE-2023-20593: Disclosure of sensitive information
An issue in AMD’s Zen CPUs, under specific microarchitectural circumstances, allow an attacker to potentially access sensitive information at a rate of 30 kb per core, per second. This is fast enough to monitor encryption keys and passwords as users login.
The Centre for Cyber Security Belgium strongly recommends system administrators to check with their BIOS or Operating System vendor for an available update.
AMD have also released an microcode update for affected processors.