Lucene search

K
cvelistAMDCVELIST:CVE-2023-20567
HistoryNov 14, 2023 - 6:51 p.m.

CVE-2023-20567

2023-11-1418:51:25
AMD
www.cve.org
2
cve-2023-20567
admin privileges
amdsoftwareinstaller.exe
arbitrary code execution
file signature validation

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature potentially leading to arbitrary code execution.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "packageName": "AMD Software: Adrenalin Edition 23.7.1 ",
    "platforms": [
      "x86"
    ],
    "product": "Radeon™ RX 5000/6000/7000 Series Graphics Cards ",
    "vendor": " AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AMD Software: PRO Edition 23.Q3 ",
    "platforms": [
      "x86"
    ],
    "product": "Radeon™ PRO W5000/W6000/W7000 Series Graphics Cards",
    "vendor": " AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "x86"
    ],
    "product": "Radeon™ RX Vega Series Graphics Cards",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "x86"
    ],
    "product": "Radeon™ PRO WX Vega Series Graphics Cards",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  }
]

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

Related for CVELIST:CVE-2023-20567