CVE-2023-20569

Vulnerability updated 4 months ago (2024-05-04T17:19:24.607Z)

Download STIX

Preview STIX

CVE-2023-20569, a software vulnerability also known as "Inception", was discovered and disclosed by ETH Zurich academics. This flaw in software design or implementation potentially leads to information disclosure. The vulnerability is named "Inception" in reference to the Christopher Nolan film about manipulating a person's dreams to achieve a desired outcome in the real world. Details of the flaw were published on various platforms including the National Vulnerability Database (NVD) and the ETH Zurich research page. This vulnerability is one among several security issues addressed by Microsoft in its Chromium-based Edge browser since last month's Patch Tuesday edition. It is also identified as a side-channel flaw impacting certain processor models offered by AMD. The details and updates related to this vulnerability can be found on Microsoft's update guide. Moreover, Inception (CVE-2023-20569) is part of a series of novel methods of exploiting vulnerabilities, along with Collide+Power (CVE-2023-20583), and Downfall (CVE-2022-40982). These followed the disclosure of another newly discovered security vulnerability affecting AMD’s Zen 2 architecture-based processors. All these vulnerabilities highlight the ongoing challenges in securing software and hardware against increasingly sophisticated threats.

Description last updated: 2024-05-04T17:13:51.447Z

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Source Document References

Information about the CVE-2023-20569 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
CERT-EU	8 months ago	Multiple vulnerabilities in Juniper Networks Session Smart Router
CERT-EU	a year ago	USN-6319-1 \| Security
CERT-EU	a year ago	Tripwire Patch Priority Index for August 2023
CERT-EU	a year ago	Mageia 2023-0251: kernel-linus security update \| LinuxSecurity.com
CERT-EU	a year ago	Debian Linux Kernel Multiple Vulnerabilities
CERT-EU	a year ago	GovCERT.HK - Security Alerts
CERT-EU	a year ago	Nearly every AMD CPU since 2017 vulnerable to Inception bug
CERT-EU	a year ago	Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs – GIXtools
CERT-EU	a year ago	Microsoft Releases Patches for 74 New Vulnerabilities in August Update
CERT-EU	a year ago	Августовские патчи Microsoft устраняют 87 уязвимостей, две 0-day
CERT-EU	a year ago	Novel 'Inception' Attack Exposes Sensitive Data in CPUs
SANS ISC	a year ago	Microsoft August 2023 Patch Tuesday - SANS Internet Storm Center
CERT-EU	a year ago	VERT Threat Alert: August 2023 Patch Tuesday Analysis
CERT-EU	a year ago	Microsoft August 2023 Patch Tuesday, (Tue, Aug 8th) – Cyber Safe NV
CERT-EU	a year ago	New Inception attack leaks sensitive data from all AMD Zen CPUs