CVE-2023-31342

HIGH

SMM Handler < - Memory Corruption

Title source: llm
STIX 2.1

Description

Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.

References (3)

Scores

CVSS v3 7.5
EPSS 0.0003
EPSS Percentile 10.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-1220
Status published
Products (28)
AMD/AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics ComboAM4v2PI 1.2.0.C
AMD/AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Pollock-FT5 1.0.0.7
AMD/AMD EPYC™ 7003 Processors MilanPI 1.0.0.C
AMD/AMD EPYC™ 9004 Processors GenoaPI 1.0.0.B
AMD/AMD EPYC™ Embedded 7003 EmbMilanPI-SP3 1.0.0.8
AMD/AMD EPYC™ Embedded 9004 EmbGenoaPI-SP5 1.0.0.6
AMD/AMD Instinct™ MI300A MI300API 1.0.0.5
AMD/AMD Ryzen™ 3000 Series Desktop Processors ComboAM4v2PI 1.2.0.C
AMD/AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Picasso-FP5 1.0.1.1
AMD/AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics ComboAM4v2PI 1.2.0.C
... and 18 more
Published Feb 11, 2025
Tracked Since Feb 18, 2026