Radeon Software
CVE-2023-20586
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
A potential vulnerability was reported in Radeon™ Software Crimson ReLive Edition which may allow escalation of privilege. Radeon™ Software Crimson ReLive Edition falls outside of the security support lifecycle and AMD does not plan to release any mitigations
AnalysisAI
A potential vulnerability was reported in Radeon™ Software Crimson ReLive Edition which may allow escalation of privilege. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
A potential vulnerability was reported in Radeon™ Software Crimson ReLive Edition which may allow escalation of privilege. Radeon™ Software Crimson ReLive Edition falls outside of the security support lifecycle and AMD does not plan to release any mitigations Affected products include: Amd Radeon Software.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Radeon Software
View allRocm contains a vulnerability that allows attackers to corrupt memory resulting in loss of integrity, confidentiality, o
Rocm contains a vulnerability that allows attackers to modify External Global Memory Interconnect Trusted Agent (XGMI TA
Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker to achieve privilege esc
An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCT
Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display poten
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privi
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privi
Same technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today