CVE-2023-31358

High CVSS: 7.3

A DLL hijacking vulnerability in the AMD Manageability API could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.

Vendor

Amd

Product

Aim-t Manageability Api

CWE

CWE-276

Yayın Tarihi

2025-05-13 18:15:27

Güncelleme

2025-05-16 16:51:47

Source Identifier

psirt@amd.com

KEV Date Added

Kategoriler

CWE-276 Aim-t Manageability Api HIGH Amd 2025

Referanslar

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-9015.html

Benzer Kayıtlar

High

CVE-2023-20548

A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt…

High

CVE-2023-31324

A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify…

High

CVE-2025-48510

Improper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially resulting in loss of confi…

Medium

CVE-2025-48511

Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potenti…

Medium

CVE-2025-29933

Improper input validation within AMD uProf can allow a local attacker to write out of bounds, potentially resulting in a…

Medium

CVE-2025-48502

Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, potentially resulting…