CVE-2023-20593 [Medium] | Information Disclosure in Xen

CVE-2023-20593 is rated High Exploit Risk (69.6/100): CVSS Medium severity, with high exploitation likelihood (EPSS 8.63%, 93th percentile). 1 public exploit reference(s) are indexed (Exploit-DB). Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

EDB-ID	Source	Kind	Published	Link
—	nvd_ref	exploit_tag		Exploit-DB ↗

EDB-ID

Source

Kind

Published

Link

—

nvd_ref

exploit_tag

Exploit-DB ↗

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2026-06-11	8.44%	8.63%	+0.19%
2	2026-05-29	8.24%	8.44%	+0.20%
3	2026-05-28	—	8.24%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2026-06-11

8.44%

8.63%

+0.19%

2026-05-29

8.24%

8.44%

+0.20%

2026-05-28

—

8.24%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
5.5	3.1	MEDIUM	`CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N` Click to expand Attack vector (AV:L) They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by. Attack complexity (AC:L) Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup. Privileges required (PR:L) A normal user session is enough; they don’t have to be admin. User interaction (UI:N) Nobody has to click “OK” or open a trap file; it can work without a victim helping. Scope (S:U) Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems. Confidentiality (C:H) Serious risk that confidential data gets exposed in a big way. Integrity (I:N) Data isn’t meaningfully altered or forged. Availability (A:N) Service keeps running; no real outage angle.	1.8	3.6	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

5.5

3.1

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Click to expand

Attack vector (AV:L): They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by.
Attack complexity (AC:L): Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:L): A normal user session is enough; they don’t have to be admin.
User interaction (UI:N): Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U): Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:H): Serious risk that confidential data gets exposed in a big way.
Integrity (I:N): Data isn’t meaningfully altered or forged.
Availability (A:N): Service keeps running; no real outage angle.

1.8

3.6

[email protected]

OS Trackers for CVE-2023-20593

vendor	priority	summary	link
`alpine`	—	CVE-2023-20593: 1 source package rows (xen); 63 state rows across 7 repos (3.17-main, 3.18-main, 3.19-main, 3.20-main, 3.21-main, 3.22-main, edge-main); fixed 7, open 56.	https://security.alpinelinux.org/vuln/CVE-2023-20593
`debian`	not yet assigned	CVE-2023-20593 not yet assigned priority: Debian including 2 source packages (amd64-microcode, linux), 10 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 10.	https://security-tracker.debian.org/tracker/CVE-2023-20593
`redhat`	medium	—	https://access.redhat.com/security/cve/CVE-2023-20593
`suse`	medium	—	https://www.suse.com/security/cve/CVE-2023-20593/
`ubuntu`	high	CVE-2023-20593 high priority: Ubuntu including 169 source packages (amd64-microcode, linux, …), 1996 status rows across 13 suites (bionic, focal, jammy, kinetic, lunar, mantic, noble, oracular, plucky, questing, trusty, upstream, xenial): DNE 1512, released 250, not-affected 127, ignored 105, needed 2.	https://ubuntu.com/security/CVE-2023-20593

Affected software / configurations for CVE-2023-20593

Vendor	Product	Version	Raw CPE
xen	xen	4.14.0	cpe:2.3:o:xen:xen:4.14.0::::::x86:
xen	xen	4.15.0	cpe:2.3:o:xen:xen:4.15.0::::::x86:
xen	xen	4.16.0	cpe:2.3:o:xen:xen:4.16.0::::::x86:
xen	xen	4.17.0	cpe:2.3:o:xen:xen:4.17.0::::::x86:
debian	debian_linux	10.0	cpe:2.3:o:debian:debian_linux:10.0:::::::*
debian	debian_linux	11.0	cpe:2.3:o:debian:debian_linux:11.0:::::::*
debian	debian_linux	12.0	cpe:2.3:o:debian:debian_linux:12.0:::::::*
amd	ryzen_3_3100_firmware	—	cpe:2.3:o:amd:ryzen_3_3100_firmware:-:::::::*
amd	ryzen_3_3300x_firmware	—	cpe:2.3:o:amd:ryzen_3_3300x_firmware:-:::::::*
amd	ryzen_5_3500_firmware	—	cpe:2.3:o:amd:ryzen_5_3500_firmware:-:::::::*
amd	ryzen_5_3500x_firmware	—	cpe:2.3:o:amd:ryzen_5_3500x_firmware:-:::::::*
amd	ryzen_5_3600_firmware	—	cpe:2.3:o:amd:ryzen_5_3600_firmware:-:::::::*
amd	ryzen_5_3600x_firmware	—	cpe:2.3:o:amd:ryzen_5_3600x_firmware:-:::::::*
amd	ryzen_5_3600xt_firmware	—	cpe:2.3:o:amd:ryzen_5_3600xt_firmware:-:::::::*
amd	ryzen_7_3700x_firmware	—	cpe:2.3:o:amd:ryzen_7_3700x_firmware:-:::::::*
amd	ryzen_7_3800x_firmware	—	cpe:2.3:o:amd:ryzen_7_3800x_firmware:-:::::::*
amd	ryzen_7_3800xt_firmware	—	cpe:2.3:o:amd:ryzen_7_3800xt_firmware:-:::::::*
amd	ryzen_9_3900_firmware	—	cpe:2.3:o:amd:ryzen_9_3900_firmware:-:::::::*
amd	ryzen_9_3900x_firmware	—	cpe:2.3:o:amd:ryzen_9_3900x_firmware:-:::::::*
amd	ryzen_9_3900xt_firmware	—	cpe:2.3:o:amd:ryzen_9_3900xt_firmware:-:::::::*
amd	ryzen_9_3950x_firmware	—	cpe:2.3:o:amd:ryzen_9_3950x_firmware:-:::::::*
amd	ryzen_9_pro_3900_firmware	—	cpe:2.3:o:amd:ryzen_9_pro_3900_firmware:-:::::::*
amd	ryzen_threadripper_pro_3995wx_firmware	—	cpe:2.3:o:amd:ryzen_threadripper_pro_3995wx_firmware:-:::::::*
amd	ryzen_threadripper_pro_3975wx_firmware	—	cpe:2.3:o:amd:ryzen_threadripper_pro_3975wx_firmware:-:::::::*
amd	ryzen_threadripper_pro_3955wx_firmware	—	cpe:2.3:o:amd:ryzen_threadripper_pro_3955wx_firmware:-:::::::*
amd	ryzen_threadripper_pro_3945wx_firmware	—	cpe:2.3:o:amd:ryzen_threadripper_pro_3945wx_firmware:-:::::::*
amd	ryzen_threadripper_3990x_firmware	—	cpe:2.3:o:amd:ryzen_threadripper_3990x_firmware:-:::::::*
amd	ryzen_threadripper_3970x_firmware	—	cpe:2.3:o:amd:ryzen_threadripper_3970x_firmware:-:::::::*
amd	ryzen_threadripper_3960x_firmware	—	cpe:2.3:o:amd:ryzen_threadripper_3960x_firmware:-:::::::*
amd	ryzen_7_4700g_firmware	—	cpe:2.3:o:amd:ryzen_7_4700g_firmware:-:::::::*
amd	ryzen_7_4700ge_firmware	—	cpe:2.3:o:amd:ryzen_7_4700ge_firmware:-:::::::*
amd	ryzen_5_4600g_firmware	—	cpe:2.3:o:amd:ryzen_5_4600g_firmware:-:::::::*
amd	ryzen_5_4600ge_firmware	—	cpe:2.3:o:amd:ryzen_5_4600ge_firmware:-:::::::*
amd	ryzen_3_4300g_firmware	—	cpe:2.3:o:amd:ryzen_3_4300g_firmware:-:::::::*
amd	ryzen_3_4300ge_firmware	—	cpe:2.3:o:amd:ryzen_3_4300ge_firmware:-:::::::*
amd	ryzen_3_pro_4450u_firmware	—	cpe:2.3:o:amd:ryzen_3_pro_4450u_firmware:-:::::::*
amd	ryzen_3_pro_4350ge_firmware	—	cpe:2.3:o:amd:ryzen_3_pro_4350ge_firmware:-:::::::*
amd	ryzen_3_pro_4350g_firmware	—	cpe:2.3:o:amd:ryzen_3_pro_4350g_firmware:-:::::::*
amd	ryzen_3_pro_4200g_firmware	—	cpe:2.3:o:amd:ryzen_3_pro_4200g_firmware:-:::::::*
amd	ryzen_5_pro_4650ge_firmware	—	cpe:2.3:o:amd:ryzen_5_pro_4650ge_firmware:-:::::::*
amd	ryzen_5_pro_4650g_firmware	—	cpe:2.3:o:amd:ryzen_5_pro_4650g_firmware:-:::::::*
amd	ryzen_5_pro_4400g_firmware	—	cpe:2.3:o:amd:ryzen_5_pro_4400g_firmware:-:::::::*
amd	ryzen_7_pro_4750u_firmware	—	cpe:2.3:o:amd:ryzen_7_pro_4750u_firmware:-:::::::*
amd	ryzen_7_pro_4750ge_firmware	—	cpe:2.3:o:amd:ryzen_7_pro_4750ge_firmware:-:::::::*
amd	ryzen_7_pro_4750g_firmware	—	cpe:2.3:o:amd:ryzen_7_pro_4750g_firmware:-:::::::*
amd	ryzen_7_5700u_firmware	—	cpe:2.3:o:amd:ryzen_7_5700u_firmware:-:::::::*
amd	ryzen_5_5500u_firmware	—	cpe:2.3:o:amd:ryzen_5_5500u_firmware:-:::::::*
amd	ryzen_3_5300u_firmware	—	cpe:2.3:o:amd:ryzen_3_5300u_firmware:-:::::::*
amd	ryzen_5_7520u_firmware	—	cpe:2.3:o:amd:ryzen_5_7520u_firmware:-:::::::*
amd	ryzen_3_7320u_firmware	—	cpe:2.3:o:amd:ryzen_3_7320u_firmware:-:::::::*
amd	athlon_gold_7220u_firmware	—	cpe:2.3:o:amd:athlon_gold_7220u_firmware:-:::::::*
amd	epyc_7232p_firmware	—	cpe:2.3:o:amd:epyc_7232p_firmware:-:::::::*
amd	epyc_7302p_firmware	—	cpe:2.3:o:amd:epyc_7302p_firmware:-:::::::*
amd	epyc_7402p_firmware	—	cpe:2.3:o:amd:epyc_7402p_firmware:-:::::::*
amd	epyc_7502p_firmware	—	cpe:2.3:o:amd:epyc_7502p_firmware:-:::::::*
amd	epyc_7702p_firmware	—	cpe:2.3:o:amd:epyc_7702p_firmware:-:::::::*
amd	epyc_7252_firmware	—	cpe:2.3:o:amd:epyc_7252_firmware:-:::::::*
amd	epyc_7262_firmware	—	cpe:2.3:o:amd:epyc_7262_firmware:-:::::::*
amd	epyc_7272_firmware	—	cpe:2.3:o:amd:epyc_7272_firmware:-:::::::*
amd	epyc_7282_firmware	—	cpe:2.3:o:amd:epyc_7282_firmware:-:::::::*
amd	epyc_7302_firmware	—	cpe:2.3:o:amd:epyc_7302_firmware:-:::::::*
amd	epyc_7352_firmware	—	cpe:2.3:o:amd:epyc_7352_firmware:-:::::::*
amd	epyc_7402_firmware	—	cpe:2.3:o:amd:epyc_7402_firmware:-:::::::*
amd	epyc_7452_firmware	—	cpe:2.3:o:amd:epyc_7452_firmware:-:::::::*
amd	epyc_7502_firmware	—	cpe:2.3:o:amd:epyc_7502_firmware:-:::::::*
amd	epyc_7532_firmware	—	cpe:2.3:o:amd:epyc_7532_firmware:-:::::::*
amd	epyc_7542_firmware	—	cpe:2.3:o:amd:epyc_7542_firmware:-:::::::*
amd	epyc_7552_firmware	—	cpe:2.3:o:amd:epyc_7552_firmware:-:::::::*
amd	epyc_7642_firmware	—	cpe:2.3:o:amd:epyc_7642_firmware:-:::::::*
amd	epyc_7662_firmware	—	cpe:2.3:o:amd:epyc_7662_firmware:-:::::::*
amd	epyc_7702_firmware	—	cpe:2.3:o:amd:epyc_7702_firmware:-:::::::*
amd	epyc_7742_firmware	—	cpe:2.3:o:amd:epyc_7742_firmware:-:::::::*
amd	epyc_7h12_firmware	—	cpe:2.3:o:amd:epyc_7h12_firmware:-:::::::*
amd	epyc_7f32_firmware	—	cpe:2.3:o:amd:epyc_7f32_firmware:-:::::::*
amd	epyc_7f52_firmware	—	cpe:2.3:o:amd:epyc_7f52_firmware:-:::::::*
amd	epyc_7f72_firmware	—	cpe:2.3:o:amd:epyc_7f72_firmware:-:::::::*

References for CVE-2023-20593

URL	Tags
http://seclists.org/fulldisclosure/2023/Jul/43	Not Applicable
http://www.openwall.com/lists/oss-security/2023/07/24/3	Mailing List
http://www.openwall.com/lists/oss-security/2023/07/25/1	Mailing List
http://www.openwall.com/lists/oss-security/2023/07/25/12	Mailing List
http://www.openwall.com/lists/oss-security/2023/07/25/13	Mailing List
http://www.openwall.com/lists/oss-security/2023/07/25/14	Mailing List
http://www.openwall.com/lists/oss-security/2023/07/25/15	Mailing List
http://www.openwall.com/lists/oss-security/2023/07/25/16	Mailing List
http://www.openwall.com/lists/oss-security/2023/07/25/17	Mailing List
http://www.openwall.com/lists/oss-security/2023/07/25/5	Mailing List
http://www.openwall.com/lists/oss-security/2023/07/25/6	Mailing List
http://www.openwall.com/lists/oss-security/2023/07/26/1	Mailing List Mitigation Patch Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/07/31/2	Mailing List Mitigation Patch Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/08/08/6
http://www.openwall.com/lists/oss-security/2023/08/08/7
http://www.openwall.com/lists/oss-security/2023/08/08/8
http://www.openwall.com/lists/oss-security/2023/08/16/4
http://www.openwall.com/lists/oss-security/2023/08/16/5
http://www.openwall.com/lists/oss-security/2023/09/22/11
http://www.openwall.com/lists/oss-security/2023/09/22/9
http://www.openwall.com/lists/oss-security/2023/09/25/4
http://www.openwall.com/lists/oss-security/2023/09/25/7
http://xenbits.xen.org/xsa/advisory-433.html	Mitigation Patch Vendor Advisory
https://cmpxchg8b.com/zenbleed.html	Exploit
https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html	Mailing List
https://lists.debian.org/debian-lts-announce/2023/07/msg00033.html	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/CP6WQO3CDPLE5O635N7TAL5KCZ6HZ4FE/
https://lists.fedoraproject.org/archives/list/[email protected]/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/
https://lists.fedoraproject.org/archives/list/[email protected]/message/SD2G74BXS2SWOE3FIQJ6X76S3A7PDGML/
https://security.netapp.com/advisory/ntap-20240531-0004/
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7008	Vendor Advisory
https://www.debian.org/security/2023/dsa-5459	Third Party Advisory
https://www.debian.org/security/2023/dsa-5461	Third Party Advisory
https://www.debian.org/security/2023/dsa-5462	Third Party Advisory

URL

CVE-2023-20593

Public exploit references (Exploit-DB) for CVE-2023-20593

Exploit prediction scoring system (EPSS) score for CVE-2023-20593

Common vulnerability scoring system (CVSS) metrics for CVE-2023-20593

Weakness enumeration for CVE-2023-20593

OS Trackers for CVE-2023-20593

Affected software / configurations for CVE-2023-20593

References for CVE-2023-20593