PublicCVE

CVE-2023-31316

HIGH7.1JSON exportCreate alert

Description

Improperly preserved integrity of hardware configuration state during a power save/restore operation in the AMD Secure Processor (ASP) could allow an attacker with the ability to write outside the trusted memory range (TMR) to change the execution flow of the Video Core Next (VCN) firmware potentially impacting confidentiality, integrity, or availability.

CVSS breakdown

CVSS 4.0
Attack Vector
Local
Attack Complexity
High
Attack Requirements
Present
Privileges Required
Low
User Interaction
None
Confidentiality (Vulnerable System)
Low
Integrity (Vulnerable System)
High
Availability (Vulnerable System)
Low
Confidentiality (Subsequent System)
Low
Integrity (Subsequent System)
High
Availability (Subsequent System)
Low

Affected products