CVE-2023-20598

2023-10-1713:26:21

AMD

www.cve.org

improper privilege management

amd radeon graphics

authenticated attacker

i/o control

arbitrary code execution

EPSS

Percentile

5.1%

JSON

An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code execution.

CNA Affected

[
  {
    "defaultStatus": "affected",
    "platforms": [
      "Windows",
      "x86"
    ],
    "product": "Radeon™ RX 5000 Series Graphics Cards",
    "vendor": " AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "platforms": [
      "Windows",
      "x86"
    ],
    "product": "Radeon™ RX 6000 Series Graphics Cards",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "platforms": [
      "Windows",
      "x86"
    ],
    "product": "Radeon™ RX 7000 Series Graphics Cards",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "platforms": [
      "Windows",
      "x86"
    ],
    "product": "Radeon™ PRO W5000 Series Graphics Cards",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "Various "
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "platforms": [
      "Windows",
      "x86"
    ],
    "product": "Radeon™ PRO W6000 Series Graphics Cards",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "platforms": [
      "Windows",
      "x86"
    ],
    "product": "Radeon™ PRO W7000 Series Graphics Cards",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "platforms": [
      "Windows",
      "x86"
    ],
    "product": "Ryzen™ 7045 Series Processors with Radeon™ Graphics",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "platforms": [
      "Windows",
      "x86"
    ],
    "product": " Ryzen™ 7020 Series Processors with Radeon™ Graphics",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "platforms": [
      "Windows",
      "x86"
    ],
    "product": "Ryzen™ 7040 Series Processors with Radeon™ Graphics",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "platforms": [
      "Windows",
      "x86"
    ],
    "product": "Ryzen™ 7000 Series Processors with Radeon™ Graphics",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "platforms": [
      "Windows",
      "x86"
    ],
    "product": "Ryzen™ 6000 Series Processors with Radeon™ Graphics",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "platforms": [
      "Windows",
      "x86"
    ],
    "product": "Ryzen™ 7035 Series Processors with Radeon™ Graphics",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  }
]

References

www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6009

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2023-20598