CVE-2023-31330
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-09-06
Last updated on: 2025-09-08
Assigner: Advanced Micro Devices Inc.
Description
Description
An out-of-bounds read in the ASP could allow a privileged attacker with access to a malicious bootloader to potentially read sensitive memory resulting in loss of confidentiality.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| amd | ryzen_6000 | * |
| amd | ryzen_2000 | * |
| amd | client_processors | * |
| amd | ryzen_embedded_r2000 | * |
| amd | ryzen_embedded_v2000 | * |
| amd | ryzen_embedded_8000 | * |
| amd | athlon_3000_series_mobile | * |
| amd | pro_3000wx | * |
| amd | pro_7000 | * |
| amd | epyc_embedded_7002 | * |
| amd | ryzen_embedded_v3000 | * |
| amd | pro_5000wx | * |
| amd | ryzen_4000 | * |
| amd | epyc_embedded_7003 | * |
| amd | epyc_embedded_900 | * |
| amd | ryzen_embedded_7000 | * |
| amd | ryzen_embedded_r1000 | * |
| amd | ryzen_7000 | * |
| amd | ryzen_5000_series_mobile | * |
| amd | platform_initialization_firmware | * |
| amd | ryzen_embedded_5000 | * |
| amd | ryzen_8000 | * |
| amd | embedded_processors | * |
| amd | epyc_embedded_3000 | * |
| amd | ryzen_threadripper_3000 | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
