CVE-2023-20562

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 8, 2023

Updated: Aug 14, 2023

Summary

CVE-2023-20562 is a vulnerability affecting AMD uProf. This issue stems from insufficient validation of the IOCTL (Input Output Control) input buffer. An authenticated user can exploit this flaw to load an unsigned driver, potentially gaining arbitrary kernel execution rights. This vulnerability poses a significant risk, as unsigned drivers can bypass normal security checks and execute malicious code. It is essential for AMD to release a patch to mitigate this issue and prevent potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Advanced Micro Devices

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sRD2vp
https://www.cve.org/CVERecord?id=CVE-2023-20562
https://nvd.nist.gov/vuln/detail/CVE-2023-20562

Back to Vulnerability Database

CVE-2023-20562

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations