CVE-2023-31343
Published: Feb 11, 2025
Modified: Sep 23, 2025
CVSS v3.1
7.5
Description
Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.
| Vendor | Product | Versions |
|---|---|---|
AMD | AMD EPYC™ 7003 Processors | unaffected MilanPI 1.0.0.C |
AMD | AMD EPYC™ 9004 Processors | unaffected GenoaPI 1.0.0.B |
AMD | AMD Instinct™ MI300A | unaffected MI300API 1.0.0.5 |
AMD | AMD Ryzen™ 3000 Series Desktop Processors | unaffected ComboAM4v2PI 1.2.0.C |
AMD | AMD Ryzen™ 5000 Series Desktop Processors | unaffected ComboAM4v2PI 1.2.0.C |
AMD | AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics | unaffected ComboAM4v2PI 1.2.0.C |
AMD | AMD Ryzen™ 7000 Series Desktop Processors | unaffected ComboAM5 1.1.0.2 |
AMD | AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics | unaffected ComboAM4v2PI 1.2.0.C |
AMD | AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics | unaffected ComboAM4v2PI 1.2.0.C |
AMD | AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics | unaffected ComboAM5 1.1.0.2 |
AMD | AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors | unaffected ChagallWSPI-sWRX8 1.0.0.7 |
AMD | AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics | unaffected "Pollock-FT5 1.0.0.7" |
AMD | AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics | unaffected "Picasso-FP5 1.0.1.1" |
AMD | AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics | unaffected "RenoirPI-FP6 1.0.0.D" |
AMD | AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics | unaffected "Cezanne-FP6 1.0.1.0" |
AMD | AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics | unaffected "MendocinoPI-FT6 1.0.0.6" |
AMD | AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics | unaffected "Rembrandt-FP7 1.0.0.A" |
AMD | AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics | unaffected "Rembrandt-FP7 1.0.0.A" |
AMD | AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics | unaffected "PhoenixPI-FP8-FP7 1.1.0.2" |
AMD | AMD Ryzen™ 7000 Series Mobile Processors | unaffected "DragonRangeFL1PI 1.0.0.3C" |
AMD | AMD EPYC™ Embedded 7003 | unaffected "EmbMilanPI-SP3 1.0.0.8" |
AMD | AMD EPYC™ Embedded 9004 | unaffected EmbGenoaPI-SP5 1.0.0.6 |
AMD | AMD Ryzen™ Embedded R1000 | unaffected "EmbeddedPI-FP5 1.2.0.C" |
AMD | AMD Ryzen™ Embedded R2000 | affected "EmbeddedR2KPI-FP5 1.0.0.3" |
AMD | AMD Ryzen™ Embedded 5000 | unaffected "EmbAM4PI 1.0.0.5" |
AMD | AMD Ryzen™ Embedded 7000 | unaffected EmbeddedAM5PI 1.0.0.1 |
AMD | AMD Ryzen™ Embedded V2000 | unaffected "EmbeddedPI-FP6 1.0.0.9" |
AMD | AMD Ryzen™ Embedded V3000 | unaffected "Embedded-PI FP7r2 1.0.0.9" |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now