All the vulnerabilites related to Advanced Micro Devices (AMD) - AMD Software PRO
jvndb-2023-004294
Vulnerability from jvndb
Published
2023-10-27 16:10
Modified
2024-05-20 17:49
Severity ?
Summary
Advanced Micro Devices Windows kernel drivers vulnerable to insufficient access control on its IOCTL
Details
Multiple Windows kernel drivers provided by Advanced Micro Devices Inc. are vulnerable to insufficient access control on its IOCTL (CWE-782, CVE-2023-20598). Takahiro Haruyama of VMware reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.
Show details on JVN DB website


{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-004294.html",
  "dc:date": "2024-05-20T17:49+09:00",
  "dcterms:issued": "2023-10-27T16:10+09:00",
  "dcterms:modified": "2024-05-20T17:49+09:00",
  "description": "Multiple Windows kernel drivers provided by Advanced Micro Devices Inc. are vulnerable to insufficient access control on its IOCTL (CWE-782, CVE-2023-20598).\r\n\r\nTakahiro Haruyama of VMware reported this vulnerability to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
  "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-004294.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:amd:adrenalin",
      "@product": "AMD Software Adrenalin",
      "@vendor": "Advanced Micro Devices (AMD)",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:amd:pro",
      "@product": "AMD Software PRO",
      "@vendor": "Advanced Micro Devices (AMD)",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "5.5",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2023-004294",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU97149791/",
      "@id": "JVNVU#97149791",
      "@source": "JVN"
    },
    {
      "#text": "https://jvn.jp/en/ta/JVNTA90371415/index.html",
      "@id": "JVNTA#90371415",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-20598",
      "@id": "CVE-2023-20598",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-20598",
      "@id": "CVE-2023-20598",
      "@source": "NVD"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/782.html",
      "@id": "CWE-782",
      "@title": "Exposed IOCTL with Insufficient Access Control(CWE-782)"
    }
  ],
  "title": "Advanced Micro Devices Windows kernel drivers vulnerable to insufficient access control on its IOCTL"
}