CVE-2023-31310

Improper input validation in Power Management Firmware (PMFW) may allow an attacker with privileges to send a malformed input for the "set temperature input selection" command, potentially resulting in a loss of integrity and/or availability.

CVSS v3 5.0 MEDIUM

5.0^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 3.7

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope CHANGED

References

Link	Resource
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html

Configurations

No configuration.

History

31 Oct 2024, 15:35

Type	Values Removed	Values Added
Summary		(es) Una validación de entrada incorrecta en el firmware de administración de energía (PMFW) puede permitir que un atacante con privilegios envíe una entrada con formato incorrecto para el comando "establecer selección de entrada de temperatura", lo que podría provocar una pérdida de integridad y/o disponibilidad.
CWE		CWE-1284

13 Aug 2024, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-08-13 17:15

Updated : 2024-10-31 15:35

NVD link : CVE-2023-31310

Mitre link : CVE-2023-31310

CVE.ORG link : CVE-2023-31310

JSON object : View

Products Affected

No product.

CWE

CWE-1284

Improper Validation of Specified Quantity in Input

5.0 /10