Privilege Escalation in AMD Manageability API Affects Multiple Products
CVE-2023-31359

7.8HIGH

Key Information:

Vendor

Amd

Vendor
CVE Published:
13 May 2025

What is CVE-2023-31359?

The AMD Manageability API has a vulnerability due to incorrect default permissions which may allow unauthorized access, enabling an attacker to escalate their privileges. This can potentially lead to unauthorized arbitrary code execution, putting systems at risk. Users and administrators should review their configurations and apply recommended security practices to mitigate the risk associated with this issue.

Affected Version(s)

AIM-T Manageability API 6.0.0.2234

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.