{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-20586", "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "state": "PUBLISHED", "assignerShortName": "AMD", "dateReserved": "2022-10-27T18:53:39.759Z", "datePublished": "2023-08-08T17:05:16.338Z", "dateUpdated": "2024-08-02T09:05:36.256Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "platforms": ["x86"], "product": "Radeon\u2122 Software Crimson ReLive Edition", "vendor": "AMD", "versions": [{"status": "affected", "version": "Various "}]}], "datePublic": "2023-08-08T16:30:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(248, 249, 250);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">A potential vulnerability was reported in </span><span style=\"background-color: rgb(255, 255, 255);\">Radeon\u2122 Software Crimson ReLive Edition</span><span style=\"background-color: rgb(255, 255, 255);\"> which may allow escalation of privilege. </span><span style=\"background-color: rgb(255, 255, 255);\">Radeon\u2122 Software Crimson ReLive Edition falls outside of the security support lifecycle and AMD does not plan to release any mitigations</span>\n\n\n\n\n\n</span>\n\n\n\n\n\n\n\n\n\n"}], "value": "\nA potential vulnerability was reported in Radeon\u2122 Software Crimson ReLive Edition which may allow escalation of privilege. Radeon\u2122 Software Crimson ReLive Edition falls outside of the security support lifecycle and AMD does not plan to release any mitigations\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"}], "providerMetadata": {"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "shortName": "AMD", "dateUpdated": "2023-08-08T17:05:16.338Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6007"}], "source": {"advisory": "AMD-SB-6007", "discovery": "UNKNOWN"}, "title": "Radeon\u2122 Software Crimson ReLive Edition", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T09:05:36.256Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6007"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:amd:radeon_software:-:*:*:*:crimson_relive:*:*:*", "matchCriteriaId": "1B9B57CB-1D5E-4FE9-B03D-315A9B54650A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "\nA potential vulnerability was reported in Radeon\u2122 Software Crimson ReLive Edition which may allow escalation of privilege. Radeon\u2122 Software Crimson ReLive Edition falls outside of the security support lifecycle and AMD does not plan to release any mitigations\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"}], "id": "CVE-2023-20586", "lastModified": "2023-08-21T17:25:49.017", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-08T18:15:11.593", "references": [{"source": "psirt@amd.com", "tags": ["Vendor Advisory"], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6007"}], "sourceIdentifier": "psirt@amd.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}