Skip to main content

Radeon Software

8 CVEs product

Monthly

CVE-2023-31324 HIGH This Week

Rocm contains a vulnerability that allows attackers to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as t (CVSS 7.8).

Race Condition Radeon Vii Firmware Radeon Software Radeon Pro Vii Firmware Rocm
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-20548 HIGH This Week

Rocm contains a vulnerability that allows attackers to corrupt memory resulting in loss of integrity, confidentiality, or availability (CVSS 7.8).

Race Condition Rocm Radeon Pro Vii Firmware Radeon Software Radeon Vii Firmware
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-21937 HIGH This Week

Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Amd Radeon Software Radeon Software For Hip
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-31320 HIGH This Week

Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Amd Denial Of Service Radeon Software Radeon Rx Vega 56 Firmware Radeon Rx Vega 64 Firmware +2
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2023-20568 MEDIUM This Month

Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Jwt Attack Microsoft Radeon Rx Vega M Firmware Radeon Software +4
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-20567 MEDIUM This Month

Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Jwt Attack Microsoft Radeon Rx Vega M Firmware Radeon Software +4
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-20598 HIGH This Week

An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Amd Radeon Software
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-20586 CRITICAL Act Now

A potential vulnerability was reported in Radeon™ Software Crimson ReLive Edition which may allow escalation of privilege. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Amd Privilege Escalation Radeon Software
NVD
CVSS 3.1
9.8
EPSS
0.8%
EPSS 0% CVSS 7.8
HIGH This Week

Rocm contains a vulnerability that allows attackers to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as t (CVSS 7.8).

Race Condition Radeon Vii Firmware Radeon Software +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Rocm contains a vulnerability that allows attackers to corrupt memory resulting in loss of integrity, confidentiality, or availability (CVSS 7.8).

Race Condition Rocm Radeon Pro Vii Firmware +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Amd +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Amd Denial Of Service Radeon Software +4
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Jwt Attack Microsoft +6
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Jwt Attack Microsoft +6
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Amd +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

A potential vulnerability was reported in Radeon™ Software Crimson ReLive Edition which may allow escalation of privilege. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Amd Privilege Escalation Radeon Software
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy