CVE-2023-31304

Summary

CVE-2023-31304 is a vulnerability affecting SMU (System Management Unit) that allows privileged attackers with control over a compromised physical function (PF) to manipulate PCIe lane count and speed through improper input validation. This issue may result in a loss of availability as the misconfigured settings could disrupt system performance. Attackers can exploit this vulnerability to cause system instability or even render the system unresponsive, potentially leading to significant downtime or data loss. System administrators are strongly advised to update their SMU firmware to patch this issue and secure their systems against potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.