Back

CVE-2023-31310

Aug. 13, 2024, 5:15 p.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

AMD Power Management Firmware

Source

psirt@amd.com

Tags

psirt@amd.com
2024-08-13
CVE-2023-31310

CVE-2023-31310 details

Published : Aug. 13, 2024, 5:15 p.m.
Last Modified : Aug. 13, 2024, 5:15 p.m.

Description

Improper input validation in Power Management Firmware (PMFW) may allow an attacker with privileges to send a malformed input for the "set temperature input selection" command, potentially resulting in a loss of integrity and/or availability.

CVSS Score

1 2 3 4 5.0 6 7 8 9 10

Weakness

Weakness Name Description

CVSS Data

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

Base Score

5.0

Exploitability Score

0.8

Impact Score

3.7

Base Severity

MEDIUM

Vector String : CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L

References

URL Source
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html psirt@amd.com
This website uses the NVD API, but is not approved or certified by it.