# Advisory on CVE-2023-23583

## Escalation of privilege for some Intel processors

On November 14th, 2023, Intel disclosed a vulnerability in its recent computer processor microarchitecture. This vulnerability, known as **Redundant REX Prefix**, may allow an attacker to confuse the system, resulting in unpredictable behavior. If an attacker successfully exploits this vulnerability, they could crash or hang the target system and, in some scenarios, allow an escalation of privilege, which may allow an attacker to obtain sensitive information from the system. This vulnerability is assigned CVE ID **CVE-2023-23583** and has been given a high severity of **8.8 score** by Intel.

## Impacted IONOS Cloud products

| Product Ranges   | Product                                                                                                             | Impacted | Mitigated | Patch Status |
| ---------------- | ------------------------------------------------------------------------------------------------------------------- | -------- | --------- | ------------ |
| Compute Services | [<mark style="color:blue;">Dedicated Core Servers</mark>](/cloud/compute-services/compute-engine/dedicated-core.md) | Yes      | Yes       | Done         |
| Compute Services | [<mark style="color:blue;">vCPU Servers</mark>](/cloud/compute-services/compute-engine/vcpu-server.md)              | Yes      | Yes       | Done         |

## What action has IONOS Cloud taken to mitigate the severity?

IONOS Cloud is committed to the privacy and security of our customers' data. We have already completed the required steps to mitigate this vulnerability by upgrading the affected systems' firmware. IONOS Cloud owns the patching responsibility, and no action is required from the customer.

## How can I get help?

If you have further questions or concerns about this vulnerability, contact [<mark style="color:blue;">IONOS Cloud Support</mark>](https://docs.ionos.com/cloud/support/general-information/contact-information).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.ionos.com/cloud/security-safeguards/vulnerability-register/2023/cve-2023-23583.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.