Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    1 vulnerability found for AMD Software PRO by Advanced Micro Devices (AMD)

    JVNDB-2023-004294

    Vulnerability from jvndb - Published: 2023-10-27 16:10 - Updated:2024-05-20 17:49
    Severity
    5.5 (Medium) - cvssV3_0 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
    Summary
    Advanced Micro Devices Windows kernel drivers vulnerable to insufficient access control on its IOCTL
    Details
    Multiple Windows kernel drivers provided by Advanced Micro Devices Inc. are vulnerable to insufficient access control on its IOCTL (CWE-782, CVE-2023-20598). Takahiro Haruyama of VMware reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.
    References
    Impacted products
    Show details on JVN DB website
    To clipboard 

    {
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-004294.html",
  "dc:date": "2024-05-20T17:49+09:00",
  "dcterms:issued": "2023-10-27T16:10+09:00",
  "dcterms:modified": "2024-05-20T17:49+09:00",
  "description": "Multiple Windows kernel drivers provided by Advanced Micro Devices Inc. are vulnerable to insufficient access control on its IOCTL (CWE-782, CVE-2023-20598).\r\n\r\nTakahiro Haruyama of VMware reported this vulnerability to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
  "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-004294.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:amd:adrenalin",
      "@product": "AMD Software Adrenalin",
      "@vendor": "Advanced Micro Devices (AMD)",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:amd:pro",
      "@product": "AMD Software PRO",
      "@vendor": "Advanced Micro Devices (AMD)",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "5.5",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2023-004294",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU97149791/",
      "@id": "JVNVU#97149791",
      "@source": "JVN"
    },
    {
      "#text": "https://jvn.jp/en/ta/JVNTA90371415/index.html",
      "@id": "JVNTA#90371415",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-20598",
      "@id": "CVE-2023-20598",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-20598",
      "@id": "CVE-2023-20598",
      "@source": "NVD"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/782.html",
      "@id": "CWE-782",
      "@title": "Exposed IOCTL with Insufficient Access Control(CWE-782)"
    }
  ],
  "title": "Advanced Micro Devices Windows kernel drivers vulnerable to insufficient access control on its IOCTL"
}