Monday, May 5, 2025
HomeCVE/vulnerabilityReptar - A New CPU Vulnerability Affects Intel and AMD CPUs

Reptar – A New CPU Vulnerability Affects Intel and AMD CPUs

Published on

SIEM as a Service

Follow Us on Google News

A critical CPU vulnerability can pose a significant threat by allowing:-

  • Unauthorized access to sensitive data
  • Enabling malicious code execution
  • Compromise the overall security of a system. 
  • System manipulation

Exploitation of such vulnerabilities can lead to widespread cyberattacks and significant disruptions.

Recently, Google noted a rise in CPU vulnerabilities this year, as August disclosures reveal the following vulnerabilities for the Intel and AMD CPUs:-

- Advertisement - Google News

Besides this, Google recently identified a new CPU vulnerability affecting CPUs from both Intel and AMD, and this vulnerability has been tracked as “CVE-2023-23583,” which is dubbed “Reptar.”

Reptar New CPU Vulnerability

The escalating trend of vulnerabilities poses a threat to billions of personal and cloud computers. 

Google’s InfoSec team reported the flaw to Intel, who swiftly disclosed and mitigated the flaw with industry collaboration.

A Google researcher found CPU vulnerability in interpreting redundant prefixes, enabling security bypass. Prefixes modify instruction behavior; however, if conflicting or illogical, then they are termed redundant and often ignored.

Exploiting this flaw in a multi-tenant virtualized setup crashes the host, denying service to other guests. It may also risk information exposure or even privilege escalation as well.

Besides this, Google’s response team had already deployed the mitigation to their systems before it posed a risk to customers, especially those on Google Cloud and ChromeOS.

Flaw Profile

CVEID: CVE-2023-23583

Description: The sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors that may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access.

CVSS Base Score: 8.8

Severity: High

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Impact of vulnerability: Escalation of Privilege, Denial of Service, Information Disclosure

Original release: 11/14/2023

Last revised: 11/14/2023

Affected Products

Here below, we have mentioned all the Intel products that are affected:-

  • 10th Generation Intel® Core™ Processor Family (Mobile)
  • 3rd Generation Intel® Xeon® Processor Scalable Family (Server)
  • Intel® Xeon® D Processor (Server)
  • 11th Generation Intel® Core Processor Family (Desktop Embedded)
  • 11th Generation Intel® Core Processor Family (Mobile Embedded)
  • Intel® Server Processor (Server Embedded)

Products Mitigated

Here below, we have mentioned all the products that have already been mitigated:-

  • 12th Generation Intel® Core™ Processor Family (Mobile) (Mitigated Microcode Version: 0x2b)
  • 4th Generation Intel® Xeon® Processor Scalable Family (Server) (Mitigated Microcode Version: 0x2B000461)
  • 13th Generation Intel® Core™ Processor Family (Desktop) (Mitigated Microcode Version: 0x410E)

These vulnerabilities (Reptar, Zenbleed, Downfall) highlight the ongoing and uprising trend of hardware vulnerabilities that are evolving at a rapid pace.

The evolution of these vulnerabilities also rapidly fuels up the threat complexity and makes mitigations harder; that’s why Google heavily investing in CPU research, collaborating closely for user safety.

Patch Manager Plus, the one-stop solution for automated updates of over 850 third-party applications: Try Free Trial.

Tushar Subhra
Tushar Subhra
Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

NCSC Warns of Ransomware Attacks Targeting UK Organisations

National Cyber Security Centre (NCSC) has issued technical guidance following a series of cyber...

Claude AI Abused in Influence-as-a-Service Operations and Campaigns

Claude AI, developed by Anthropic, has been exploited by malicious actors in a range...

Threat Actors Attacking U.S. Citizens Via Social Engineering Attack

As Tax Day on April 15 approaches, a alarming cybersecurity threat has emerged targeting...

TerraStealer Strikes: Browser Credential & Sensitive‑Data Heists on the Rise

Insikt Group has uncovered two new malware families, TerraStealerV2 and TerraLogger, attributed to the...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

NCSC Warns of Ransomware Attacks Targeting UK Organisations

National Cyber Security Centre (NCSC) has issued technical guidance following a series of cyber...

Claude AI Abused in Influence-as-a-Service Operations and Campaigns

Claude AI, developed by Anthropic, has been exploited by malicious actors in a range...

Threat Actors Attacking U.S. Citizens Via Social Engineering Attack

As Tax Day on April 15 approaches, a alarming cybersecurity threat has emerged targeting...