{"vulnerability": "CVE-2023-2057", "sightings": [{"uuid": "c6a59a39-d2fa-4f99-9e1a-87b72556e66a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20573", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18999", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-20573\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A privileged attacker\ncan prevent delivery of debug exceptions to SEV-SNP guests potentially\nresulting in guests not receiving expected debug information.\n\n\n\n\n\ud83d\udccf Published: 2024-01-11T13:53:52.581Z\n\ud83d\udccf Modified: 2025-06-20T16:12:15.413Z\n\ud83d\udd17 References:\n1. https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3006", "creation_timestamp": "2025-06-20T16:45:01.000000Z"}, {"uuid": "7ba104d3-65d2-4c29-b930-24f688c61342", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20579", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7610", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-20579\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper\nAccess Control in the AMD SPI protection feature may allow a user with Ring0\n(kernel mode) privileged access to bypass protections potentially resulting in\nloss of integrity and availability.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\ud83d\udccf Published: 2024-02-13T19:32:11.904Z\n\ud83d\udccf Modified: 2025-03-14T17:21:09.724Z\n\ud83d\udd17 References:\n1. https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7009", "creation_timestamp": "2025-03-14T17:48:55.000000Z"}, {"uuid": "d7056443-22bb-4276-9881-9e84e4835fd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20573", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3823", "content": "#exploit \n1. Capturing the First Flag in Google's New v8CTF \nhttps://www.madstacks.dev/posts/Start-Your-Engines-Capturing-the-First-Flag-in-Google's-New-v8CTF \n \n2. CVE-2023-50916: \nAuthentication Coercion Vulnerability in Kyocera Device Manager \nhttps://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-50916-authentication-coercion-vulnerability-in-kyocera-device-manager \n \n3. CVE-2023-20573: \nA privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests... \nhttps://github.com/Freax13/cve-2023-20573-poc", "creation_timestamp": "2024-01-11T07:31:05.000000Z"}, {"uuid": "82244f6f-2081-4a64-a5fc-24ca8bd9ad7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20578", "type": "seen", "source": "https://t.me/cvedetector/3052", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-20578 - Intel SMM Time-Of-Check-Time-Of-Use Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-20578 \nPublished : Aug. 13, 2024, 5:15 p.m. | 43\u00a0minutes ago \nDescription : A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow  \nan attacker with ring0 privileges and access to the  \nBIOS menu or UEFI shell to modify the communications buffer\u00a0potentially  \nresulting in arbitrary code execution. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-13T20:28:12.000000Z"}, {"uuid": "d6890f2a-a624-45e9-ad86-e9f90b36f8f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20573", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2480", "content": "#exploit\n1. Capturing the First Flag in Google's New v8CTF\nhttps://www.madstacks.dev/posts/Start-Your-Engines-Capturing-the-First-Flag-in-Google's-New-v8CTF\n\n2. CVE-2023-50916:\nAuthentication Coercion Vulnerability in Kyocera Device Manager\nhttps://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-50916-authentication-coercion-vulnerability-in-kyocera-device-manager\n\n3. CVE-2023-20573:\nA privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests...\nhttps://github.com/Freax13/cve-2023-20573-poc", "creation_timestamp": "2024-08-16T09:01:21.000000Z"}, {"uuid": "705e729e-20d9-4af3-b102-d7bc5d4bd0ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20573", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1828", "content": "https://github.com/Freax13/cve-2023-20573-poc\n#github", "creation_timestamp": "2024-01-11T17:19:56.000000Z"}, {"uuid": "b2a41adc-2b10-4305-a53f-4e34114ce719", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20573", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9765", "content": "#exploit\n1. Capturing the First Flag in Google's New v8CTF\nhttps://www.madstacks.dev/posts/Start-Your-Engines-Capturing-the-First-Flag-in-Google's-New-v8CTF\n\n2. CVE-2023-50916:\nAuthentication Coercion Vulnerability in Kyocera Device Manager\nhttps://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-50916-authentication-coercion-vulnerability-in-kyocera-device-manager\n\n3. CVE-2023-20573:\nA privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests...\nhttps://github.com/Freax13/cve-2023-20573-poc", "creation_timestamp": "2024-01-12T01:36:25.000000Z"}, {"uuid": "a379494e-14f9-44d6-8216-ef122c6c5eda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20579", "type": "seen", "source": "https://t.me/ctinow/184228", "content": "https://ift.tt/yG6ahUR\nCVE-2023-20579", "creation_timestamp": "2024-02-13T21:31:46.000000Z"}, {"uuid": "02797b0c-3093-4425-82cd-c80e5fefe277", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20573", "type": "seen", "source": "https://t.me/ctinow/175959", "content": "https://ift.tt/d5oCB2u\nCVE-2023-20573 | AMD 3rd Gen EPYC Processors/4th Gen EPYC Processors Debug Information denial of service", "creation_timestamp": "2024-01-30T15:22:08.000000Z"}, {"uuid": "7b64ad8a-7abf-413e-9691-0f3fe59dfbbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20573", "type": "seen", "source": "https://t.me/ctinow/166777", "content": "https://ift.tt/JQt1Yfy\nCVE-2023-20573", "creation_timestamp": "2024-01-11T19:56:45.000000Z"}, {"uuid": "8187233b-2efe-4ae2-a597-f5552c1e76f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20573", "type": "seen", "source": "https://t.me/ctinow/166570", "content": "https://ift.tt/6tR7uEO\nCVE-2023-20573", "creation_timestamp": "2024-01-11T15:52:03.000000Z"}, {"uuid": "0608a24d-b813-4f51-b06d-3635e524332b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2057", "type": "seen", "source": "https://t.me/cibsecurity/62154", "content": "\u203c CVE-2023-2057 \u203c\n\nA vulnerability was found in EyouCms 1.5.4. It has been classified as problematic. Affected is an unknown function of the file login.php?m=admin&c=Arctype&a=edit of the component New Picture Handler. The manipulation of the argument litpic_loca leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-225942 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-14T18:25:59.000000Z"}]}