HomeAmdCVE-2023-31355

CVE-2023-31355

MEDIUM
6.0CVSS
Published: 2024-08-05
Updated: 2024-11-26
AI Analysis

Description

Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to overwrite a guest's UMC seed potentially allowing reading of memory from a decommissioned guest.

CVSS Metrics

Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Attack Vector
local
Complexity
low
Privileges
high
User Action
none
Scope
changed
Confidentiality
high
Integrity
none
Availability
none
Weaknesses
CWE-119CWE-787

Metadata

Primary Vendor
AMD
Published
8/5/2024
Last Modified
11/26/2024
Source
NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

amd : epyc_7203_firmwareamd : epyc_7203p_firmwareamd : epyc_72f3_firmwareamd : epyc_7303_firmwareamd : epyc_7303p_firmwareamd : epyc_7313_firmwareamd : epyc_7313p_firmwareamd : epyc_7343_firmwareamd : epyc_73f3_firmwareamd : epyc_7373x_firmwareamd : epyc_7413_firmwareamd : epyc_7443_firmwareamd : epyc_7443p_firmwareamd : epyc_74f3_firmwareamd : epyc_7453_firmwareamd : epyc_7473x_firmwareamd : epyc_7513_firmwareamd : epyc_7543_firmwareamd : epyc_7543p_firmwareamd : epyc_75f3_firmwareamd : epyc_7573x_firmwareamd : epyc_7643_firmwareamd : epyc_7773x_firmwareamd : epyc_7643p_firmwareamd : epyc_7663_firmwareamd : epyc_7663p_firmwareamd : epyc_7713_firmwareamd : epyc_7713p_firmwareamd : epyc_7763_firmwareamd : epyc_8024pn_firmwareamd : epyc_8024p_firmwareamd : epyc_8124pn_firmwareamd : epyc_8124p_firmwareamd : epyc_8224pn_firmwareamd : epyc_8224p_firmwareamd : epyc_8324pn_firmwareamd : epyc_8324p_firmwareamd : epyc_8434pn_firmwareamd : epyc_8434p_firmwareamd : epyc_8534pn_firmwareamd : epyc_8534p_firmwareamd : epyc_9734_firmwareamd : epyc_9754s_firmwareamd : epyc_9754_firmwareamd : epyc_9184x_firmwareamd : epyc_9384x_firmwareamd : epyc_9684x_firmwareamd : epyc_9124_firmwareamd : epyc_9174f_firmwareamd : epyc_9224_firmwareamd : epyc_9254_firmwareamd : epyc_9274f_firmwareamd : epyc_9334_firmwareamd : epyc_9354_firmwareamd : epyc_9354p_firmwareamd : epyc_9374f_firmwareamd : epyc_9454_firmwareamd : epyc_9454p_firmwareamd : epyc_9474f_firmwareamd : epyc_9534_firmwareamd : epyc_9554_firmwareamd : epyc_9554p_firmwareamd : epyc_9634_firmwareamd : epyc_9654_firmwareamd : epyc_9654p_firmwareamd : epyc_embedded_7313_firmwareamd : epyc_embedded_7313p_firmwareamd : epyc_embedded_7413_firmwareamd : epyc_embedded_7443_firmwareamd : epyc_embedded_7443p_firmwareamd : epyc_embedded_7543_firmwareamd : epyc_embedded_7543p_firmwareamd : epyc_embedded_7643_firmwareamd : epyc_embedded_7713_firmwareamd : epyc_embedded_7713p_firmwareamd : epyc_embedded_9124_firmwareamd : epyc_embedded_9254_firmwareamd : epyc_embedded_9354_firmwareamd : epyc_embedded_9354p_firmwareamd : epyc_embedded_9454_firmwareamd : epyc_embedded_9454p_firmwareamd : epyc_embedded_9534_firmwareamd : epyc_embedded_9554_firmwareamd : epyc_embedded_9554p_firmwareamd : epyc_embedded_9654_firmwareamd : epyc_embedded_9654p_firmware

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD
CVE-CVE-2023-31355 | MEDIUM Severity | CVEDatabase.com | CVEDatabase.com