CVE-2023-31310

{"id": "CVE-2023-31310", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@amd.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.0, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 3.7, "exploitabilityScore": 0.8}]}, "published": "2024-08-13T17:15:20.683", "references": [{"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html", "source": "psirt@amd.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-1284"}]}], "descriptions": [{"lang": "en", "value": "Improper input validation in Power Management Firmware (PMFW) may allow an attacker with privileges to send a malformed input for the \"set temperature input selection\" command, potentially resulting in a loss of integrity and/or availability."}, {"lang": "es", "value": "Una validaci\u00f3n de entrada incorrecta en el firmware de administraci\u00f3n de energ\u00eda (PMFW) puede permitir que un atacante con privilegios env\u00ede una entrada con formato incorrecto para el comando \"establecer selecci\u00f3n de entrada de temperatura\", lo que podr\u00eda provocar una p\u00e9rdida de integridad y/o disponibilidad."}], "lastModified": "2024-10-31T15:35:04.980", "sourceIdentifier": "psirt@amd.com"}