{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-20586", "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "state": "PUBLISHED", "assignerShortName": "AMD", "dateReserved": "2022-10-27T18:53:39.759Z", "datePublished": "2023-08-08T17:05:16.338Z", "dateUpdated": "2024-10-11T16:52:31.173Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "platforms": ["x86"], "product": "Radeon\u2122 Software Crimson ReLive Edition", "vendor": "AMD", "versions": [{"status": "affected", "version": "Various "}]}], "datePublic": "2023-08-08T16:30:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(248, 249, 250);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">A potential vulnerability was reported in </span><span style=\"background-color: rgb(255, 255, 255);\">Radeon\u2122 Software Crimson ReLive Edition</span><span style=\"background-color: rgb(255, 255, 255);\"> which may allow escalation of privilege. </span><span style=\"background-color: rgb(255, 255, 255);\">Radeon\u2122 Software Crimson ReLive Edition falls outside of the security support lifecycle and AMD does not plan to release any mitigations</span>\n\n\n\n\n\n</span>\n\n\n\n\n\n\n\n\n\n"}], "value": "\nA potential vulnerability was reported in Radeon\u2122 Software Crimson ReLive Edition which may allow escalation of privilege. Radeon\u2122 Software Crimson ReLive Edition falls outside of the security support lifecycle and AMD does not plan to release any mitigations\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"}], "providerMetadata": {"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "shortName": "AMD", "dateUpdated": "2023-08-08T17:05:16.338Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6007"}], "source": {"advisory": "AMD-SB-6007", "discovery": "UNKNOWN"}, "title": "Radeon\u2122 Software Crimson ReLive Edition", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T09:05:36.256Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6007"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-11T16:52:02.725525Z", "id": "CVE-2023-20586", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-11T16:52:31.173Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6007", "tags": ["vendor-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T09:05:36.256Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-20586", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-11T16:52:02.725525Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-11T16:52:27.295Z"}}], "cna": {"title": "Radeon\u2122 Software Crimson ReLive Edition", "source": {"advisory": "AMD-SB-6007", "discovery": "UNKNOWN"}, "affected": [{"vendor": "AMD", "product": "Radeon\u2122 Software Crimson ReLive Edition", "versions": [{"status": "affected", "version": "Various "}], "platforms": ["x86"], "defaultStatus": "affected"}], "datePublic": "2023-08-08T16:30:00.000Z", "references": [{"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6007", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "\nA potential vulnerability was reported in Radeon\u2122 Software Crimson ReLive Edition which may allow escalation of privilege. Radeon\u2122 Software Crimson ReLive Edition falls outside of the security support lifecycle and AMD does not plan to release any mitigations\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(248, 249, 250);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">A potential vulnerability was reported in </span><span style=\"background-color: rgb(255, 255, 255);\">Radeon\u2122 Software Crimson ReLive Edition</span><span style=\"background-color: rgb(255, 255, 255);\"> which may allow escalation of privilege. </span><span style=\"background-color: rgb(255, 255, 255);\">Radeon\u2122 Software Crimson ReLive Edition falls outside of the security support lifecycle and AMD does not plan to release any mitigations</span>\n\n\n\n\n\n</span>\n\n\n\n\n\n\n\n\n\n", "base64": false}]}], "providerMetadata": {"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "shortName": "AMD", "dateUpdated": "2023-08-08T17:05:16.338Z"}}}, "cveMetadata": {"cveId": "CVE-2023-20586", "state": "PUBLISHED", "dateUpdated": "2024-10-11T16:52:31.173Z", "dateReserved": "2022-10-27T18:53:39.759Z", "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "datePublished": "2023-08-08T17:05:16.338Z", "assignerShortName": "AMD"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:amd:radeon_software:-:*:*:*:crimson_relive:*:*:*", "matchCriteriaId": "1B9B57CB-1D5E-4FE9-B03D-315A9B54650A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "\nA potential vulnerability was reported in Radeon\u2122 Software Crimson ReLive Edition which may allow escalation of privilege. Radeon\u2122 Software Crimson ReLive Edition falls outside of the security support lifecycle and AMD does not plan to release any mitigations\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"}], "id": "CVE-2023-20586", "lastModified": "2024-11-21T07:41:10.223", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-08T18:15:11.593", "references": [{"source": "psirt@amd.com", "tags": ["Vendor Advisory"], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6007"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6007"}], "sourceIdentifier": "psirt@amd.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}