Lucene search

K
nvd[email protected]NVD:CVE-2023-31339
HistoryAug 13, 2024 - 5:15 p.m.

CVE-2023-31339

2024-08-1317:15:20
CWE-20
web.nvd.nist.gov
input validation
arm trusted firmware
amd zynq ultrascale+ mpsoc rfsoc
out of bound reads
data leakage
denial of service

CVSS3

4.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:H

EPSS

0

Percentile

9.5%

Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage and denial of service.

CVSS3

4.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:H

EPSS

0

Percentile

9.5%

Related for NVD:CVE-2023-31339