DLL Hijacking Vulnerability in AMD Integrated Management Technology (AIM-T)
CVE-2023-31361

7.3HIGH

Key Information:

Vendor
Amd
Status
Aim-t (amd Integrated Management Technology) Software
Vendor
CVE Published:
11 February 2025

Summary

A DLL hijacking vulnerability exists in the AMD Integrated Management Technology (AIM-T) Manageability Service, allowing attackers to exploit this flaw for privilege escalation. This could potentially lead to arbitrary code execution, posing significant risks to affected systems. Users are advised to review the security bulletin for mitigation strategies.

Affected Version(s)

AIM-T (AMD Integrated Management Technology) software 4.0.0.722

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V3.1

Score:
7.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.