HIGH🇬🇧 English

CVE-2023-31348

CVSS 7.3v3.1pub. 2024-08-13upd. 2024-12-12

A DLL hijacking vulnerability in AMD μProf could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
  • Amd Uprof

    APP
    Amd
    < 4.1.424< 4.2.816< 4.2.845
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCELPE
CWE
Referencje

Powiązane podatności

CVE-2025-48510HIGH7.1ten sam produkt

Improper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially resulting in los...

CVE-2023-31349HIGH7.3ten sam produkt

Incorrect default permissions in the AMD μProf installation directory could allow an attacker to achieve privi...

CVE-2023-31341HIGH7.3ten sam produkt

Insufficient validation of the Input Output Control (IOCTL) input buffer in AMD μProf may allow an authenticat...

CVE-2026-28237MEDIUM6.8ten sam produkt

Unrestricted resource allocation in AMD uProf may be exploitable to consume excessive system resources, potent...

CVE-2026-0466MEDIUM6.8ten sam produkt

Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-sh...