CVE-2023-20567

🗓️ 14 Nov 2023 18:51:25Reported by AMDType

Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature potentially leading to arbitrary code execution

Reporter	Title	Published	Views	Family All 11
Amd	AMD Graphics Driver Vulnerabilities – November 2023	14 Nov 202300:00	–	amd
BDU FSTEC	The vulnerability of the graphics driver of AMD Radeon microprogramming software allows a hacker to execute arbitrary code.	1 Dec 202300:00	–	bdu_fstec
CNNVD	AMD Graphics Driver Data Forgery Issue Vulnerability	14 Nov 202300:00	–	cnnvd
Cvelist	CVE-2023-20567	14 Nov 202318:51	–	cvelist
EUVD	EUVD-2023-24746	3 Oct 202520:07	–	euvd
Hewlett-Packard	AMD Graphics Driver November 2023 Security Update	21 Nov 202300:00	–	hp
Intel	Intel® Core™ Processors with Radeon™ RX Vega M Graphics Advisory	14 Nov 202300:00	–	intel
NVD	CVE-2023-20567	14 Nov 202319:15	–	nvd
OSV	CVE-2023-20567	14 Nov 202319:15	–	osv
Prion	Input validation	14 Nov 202319:15	–	prion

NVD

Node

intel radeon_rx_vega_m_firmwareRange<23.10.01.46

AND

intel core_i5-8305gMatch-

intel core_i7-8705gMatch-

intel core_i7-8706gMatch-

intel core_i7-8709gMatch-

intel nuc_8_enthusiast_nuc8i7hnkqcMatch-

intel nuc_8_enthusiast_nuc8i7hvkvaMatch-

intel nuc_8_enthusiast_nuc8i7hvkvawMatch-

intel nuc_kit_nuc8i7hnkMatch-

intel nuc_kit_nuc8i7hvkMatch-

Node

amd radeon_softwareRange<23.7.1adrenalin

AND

amd radeon_rx_5300Match-

amd radeon_rx_5300_xtMatch-

amd radeon_rx_5300mMatch-

amd radeon_rx_5500Match-

amd radeon_rx_5500_xtMatch-

amd radeon_rx_5500mMatch-

amd radeon_rx_5600Match-

amd radeon_rx_5600_xtMatch-

amd radeon_rx_5600mMatch-

amd radeon_rx_5700Match-

amd radeon_rx_5700_xtMatch-

amd radeon_rx_5700mMatch-

amd radeon_rx_6300mMatch-

amd radeon_rx_6400Match-

amd radeon_rx_6450mMatch-

amd radeon_rx_6500_xtMatch-

amd radeon_rx_6500mMatch-

amd radeon_rx_6550mMatch-

amd radeon_rx_6550sMatch-

amd radeon_rx_6600Match-

amd radeon_rx_6600_xtMatch-

amd radeon_rx_6600mMatch-

amd radeon_rx_6600sMatch-

amd radeon_rx_6650_xtMatch-

amd radeon_rx_6650mMatch-

amd radeon_rx_6650m_xtMatch-

amd radeon_rx_6700Match-

amd radeon_rx_6700_xtMatch-

amd radeon_rx_6700mMatch-

amd radeon_rx_6700sMatch-

amd radeon_rx_6800Match-

amd radeon_rx_6800_xtMatch-

amd radeon_rx_6800mMatch-

amd radeon_rx_6800sMatch-

amd radeon_rx_6850m_xtMatch-

amd radeon_rx_6900_xtMatch-

amd radeon_rx_6950_xtMatch-

amd radeon_rx_7600Match-

amd radeon_rx_7600mMatch-

amd radeon_rx_7600m_xtMatch-

amd radeon_rx_7600sMatch-

amd radeon_rx_7700_xtMatch-

amd radeon_rx_7700sMatch-

amd radeon_rx_7800_xtMatch-

amd radeon_rx_7900_greMatch-

amd radeon_rx_7900_xtMatch-

amd radeon_rx_7900_xtxMatch-

amd radeon_rx_7900mMatch-

Node

amd radeon_softwareRange<23.q3pro

AND

amd radeon_pro_w5500Match-

amd radeon_pro_w5500xMatch-

amd radeon_pro_w5700Match-

amd radeon_pro_w5700xMatch-

amd radeon_pro_w6300Match-

amd radeon_pro_w6300mMatch-

amd radeon_pro_w6400Match-

amd radeon_pro_w6500mMatch-

amd radeon_pro_w6600Match-

amd radeon_pro_w6600mMatch-

amd radeon_pro_w6600xMatch-

amd radeon_pro_w6800Match-

amd radeon_pro_w6800xMatch-

amd radeon_pro_w6800x_duoMatch-

amd radeon_pro_w6900xMatch-

amd radeon_pro_w7500Match-

amd radeon_pro_w7600Match-

amd radeon_pro_w7800Match-

Node

amd radeon_rx_vega_56_firmwareMatch-

AND

amd radeon_rx_vega_56Match-

Node

amd radeon_rx_vega_64_firmwareMatch-

AND

amd radeon_rx_vega_64Match-

Node

amd radeon_pro_vega_56_firmwareMatch-

AND

amd radeon_pro_vega_56Match-

Node

amd radeon_pro_vega_64_firmwareMatch-

AND

amd radeon_pro_vega_64Match-

Node

amd radeon_softwareRange<23.7.1adrenalin

amd radeon_softwareRange<23.q3pro

AND

amd ryzen_3_3015ceMatch-

amd ryzen_3_3015eMatch-

amd ryzen_3_4100Match-

amd ryzen_3_4300gMatch-

amd ryzen_3_4300geMatch-

amd ryzen_3_4300uMatch-

amd ryzen_3_5300gMatch-

amd ryzen_3_5300geMatch-

amd ryzen_3_5300uMatch-

amd ryzen_5_4500Match-

amd ryzen_5_4500uMatch-

amd ryzen_5_4600gMatch-

amd ryzen_5_4600geMatch-

amd ryzen_5_4600hMatch-

amd ryzen_5_4600hsMatch-

amd ryzen_5_4600uMatch-

amd ryzen_5_4680uMatch-

amd ryzen_5_5500hMatch-

amd ryzen_5_5500uMatch-

amd ryzen_5_5600gMatch-

amd ryzen_5_5600geMatch-

amd ryzen_5_pro_3200gMatch-

amd ryzen_5_pro_3200geMatch-

amd ryzen_5_pro_3350gMatch-

amd ryzen_5_pro_3350geMatch-

amd ryzen_5_pro_3400gMatch-

amd ryzen_5_pro_3400geMatch-

amd ryzen_7_4700gMatch-

amd ryzen_7_4700geMatch-

amd ryzen_7_4700uMatch-

amd ryzen_7_4800hMatch-

amd ryzen_7_4800hsMatch-

amd ryzen_7_4980uMatch-

amd ryzen_7_5700gMatch-

amd ryzen_7_5700geMatch-

amd ryzen_7_5700uMatch-

amd ryzen_9_4900hMatch-

amd ryzen_9_4900hsMatch-

[
  {
    "defaultStatus": "unaffected",
    "packageName": "AMD Software: Adrenalin Edition 23.7.1",
    "platforms": [
      "x86"
    ],
    "product": "Radeon™ RX 5000/6000/7000 Series Graphics Cards",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AMD Software: PRO Edition 23.Q3",
    "platforms": [
      "x86"
    ],
    "product": "Radeon™ PRO W5000/W6000/W7000 Series Graphics Cards",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "x86"
    ],
    "product": "Radeon™ RX Vega Series Graphics Cards",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "x86"
    ],
    "product": "Radeon™ PRO WX Vega Series Graphics Cards",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  }
]

Source	Link
amd	www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6003
intel	www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00971.html

13 Feb 2025 17:16Current

7.1High risk

Vulners AI Score7.1

CVSS 3.16.7

EPSS0.00029

CWE-347

cve-2023-20567 radeon rx vega m graphics driver windows signature verification admin privileges amdsoftwareinstaller.exe file signature arbitrary code execution