Arbitrary Code Execution Vulnerability in AMD Power Management Firmware
CVE-2023-31313

7.2HIGH

Key Information:

Vendor: Amd
Status: Amd Instinct™ Mi210; Amd Instinct™ Mi250
Vendor: CVE Published:; 12 February 2026

What is CVE-2023-31313?

An unexpected proxy or intermediary in the AMD power management firmware may allow an attacker with privileges to craft and send malformed messages to the system management unit (SMU). This flaw potentially exposes the system to arbitrary code execution, posing significant risks to system integrity and confidentiality. Users are encouraged to review the security advisory for further details on mitigating actions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

AMD Instinct™ MI210 ROCm 6.4.2

AMD Instinct™ MI250 ROCm 6.4.2

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Feb 12, 2026
Vulnerability Reserved
Apr 27, 2023

JSON

Amd

What is CVE-2023-31313?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.