Improper Input Validation in AMD Products Leading to Potential Code Execution
CVE-2023-31345
7.5HIGH
Key Information:
- Vendor
Amd
- Status
- Vendor
- CVE Published:
- 12 February 2025
What is CVE-2023-31345?
An improper input validation issue exists in the System Management Mode (SMM) handler of certain AMD processors. This vulnerability may allow a privileged attacker to manipulate the System Management RAM (SMRAM), which can potentially lead to unauthorized execution of arbitrary code. Attackers exploiting this flaw could gain increased privileges and perform malicious activities, making it crucial for users and organizations to apply the latest security patches and mitigate risks.
Affected Version(s)
AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics "Pollock-FT5 1.0.0.7"
AMD EPYC™ 7003 Processors MilanPI 1.0.0.C
AMD EPYC™ 9004 Processors GenoaPI 1.0.0.B