{ "dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": { "cveId": "CVE-2023-31316", "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "state": "PUBLISHED", "assignerShortName": "AMD", "dateReserved": "2023-04-27T15:25:41.423Z", "datePublished": "2026-05-15T02:36:10.619Z", "dateUpdated": "2026-05-15T16:38:45.975Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "shortName": "AMD", "dateUpdated": "2026-05-15T02:36:46.858Z" }, "datePublic": "2026-05-15T02:35:00.000Z", "problemTypes": [ { "descriptions": [ { "lang": "en", "cweId": "CWE-1304", "description": "CWE-1304 Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation", "type": "CWE" } ] } ], "affected": [ { "vendor": "AMD", "product": "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", "versions": [ { "status": "unaffected", "version": "Cezanne-FP6 1.0.1.0" } ], "defaultStatus": "affected" }, { "vendor": "AMD", "product": "AMD Ryzen™ 7000 Series Desktop Processors", "versions": [ { "status": "unaffected", "version": "ComboAM5PI 1.0.0.a" } ], "defaultStatus": "affected" }, { "vendor": "AMD", "product": "AMD Ryzen™ 4000 Series Desktop Processors", "versions": [ { "status": "unaffected", "version": "ComboAM4v2 1.2.0.Ca" } ], "defaultStatus": "affected" }, { "vendor": "AMD", "product": "AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics", "versions": [ { "status": "unaffected", "version": "ComboAM4v2 1.2.0.Ca" } ], "defaultStatus": "affected" }, { "vendor": "AMD", "product": "AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics", "versions": [ { "status": "unaffected", "version": "PhoenixPI-FP8-FP7_1.1.0.0" } ], "defaultStatus": "affected" }, { "vendor": "AMD", "product": "AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics", "versions": [ { "status": "unaffected", "version": "Renoir-FP6 1.0.0.D" } ], "defaultStatus": "affected" }, { "vendor": "AMD", "product": "AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics", "versions": [ { "status": "unaffected", "version": "Rembrandt-FP7 1.0.0.A" } ], "defaultStatus": "affected" }, { "vendor": "AMD", "product": "AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics", "versions": [ { "status": "unaffected", "version": "MendocinoPI-FT6_1.0.0.6" } ], "defaultStatus": "affected" }, { "vendor": "AMD", "product": "AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics", "versions": [ { "status": "unaffected", "version": "DragonRangeFL1PI 1.0.0.3C" } ], "defaultStatus": "affected" }, { "vendor": "AMD", "product": "AMD Ryzen™ Embedded V2000 Series Processors", "versions": [ { "status": "unaffected", "version": "EmbeddedPI-FP6_1.0.0.9" } ], "defaultStatus": "affected" }, { "vendor": "AMD", "product": "AMD Ryzen™ Embedded V3000 Series Processors", "versions": [ { "status": "unaffected", "version": "Embedded-PI_FP7r2 1009" } ], "defaultStatus": "affected" }, { "vendor": "AMD", "product": "AMD Radeon™ RX 6000 Series Graphics Products", "versions": [ { "status": "unaffected", "version": "AMD Software: Adrenalin Edition 25.12.1 (25.10.37.01)" } ], "defaultStatus": "affected" }, { "vendor": "AMD", "product": "AMD Radeon™ RX 7000 Series Graphics Products", "versions": [ { "status": "unaffected", "version": "AMD Software: Adrenalin Edition 25.11.1 (25.20.29.01)" } ], "defaultStatus": "affected" }, { "vendor": "AMD", "product": "AMD Radeon™ PRO W7000 Series Graphics Products", "versions": [ { "status": "unaffected", "version": "AMD Software: PRO Edition 25.Q3.1 (25.10.32)" } ], "defaultStatus": "affected" }, { "vendor": "AMD", "product": "AMD Radeon™ PRO W6000 Series Graphics Products", "versions": [ { "status": "unaffected", "version": "AMD Software: PRO Edition 25.Q4 (25.10.37.01)" } ], "defaultStatus": "affected" }, { "vendor": "AMD", "product": "AMD Instinct™ MI250", "versions": [ { "status": "unaffected", "version": "ROCm 6.4" } ], "defaultStatus": "affected" }, { "vendor": "AMD", "product": "AMD Instinct™ MI210", "versions": [ { "status": "unaffected", "version": "ROCm 6.4" } ], "defaultStatus": "affected" }, { "vendor": "AMD", "product": "AMD Radeon™ PRO V620", "versions": [ { "status": "unaffected", "version": "Contact your AMD Customer Engineering representative" } ], "defaultStatus": "affected" } ], "descriptions": [ { "lang": "en", "value": "Improperly preserved integrity of hardware configuration state during a power save/restore operation in the AMD Secure Processor (ASP) could allow an attacker with the ability to write outside the trusted memory range (TMR) to change the execution flow of the Video Core Next (VCN) firmware potentially impacting confidentiality, integrity, or availability.", "supportingMedia": [ { "type": "text/html", "base64": false, "value": "Improperly preserved integrity of hardware configuration state during a power save/restore operation in the AMD Secure Processor (ASP) could allow an attacker with the ability to write outside the trusted memory range (TMR) to change the execution flow of the Video Core Next (VCN) firmware potentially impacting confidentiality, integrity, or availability.
" } ] } ], "references": [ { "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4017.html" }, { "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6027.html" } ], "metrics": [ { "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ], "cvssV4_0": { "attackVector": "LOCAL", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "subConfidentialityImpact": "LOW", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "LOW", "subAvailabilityImpact": "LOW", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "HIGH", "baseScore": 7.1, "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L" } } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "AMD PSIRT Automation 1.0" } }, "adp": [ { "metrics": [ { "other": { "type": "ssvc", "content": { "timestamp": "2026-05-15T16:37:05.742579Z", "id": "CVE-2023-31316", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "version": "2.0.3" } } } ], "title": "CISA ADP Vulnrichment", "providerMetadata": { "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-15T16:38:45.975Z" } } ] } }