CVE-2023-20586

{"id": "CVE-2023-20586", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2023-08-08T18:15:11.593", "references": [{"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6007", "tags": ["Vendor Advisory"], "source": "psirt@amd.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "\nA potential vulnerability was reported in Radeon\u2122 Software Crimson ReLive Edition which may allow escalation of privilege. Radeon\u2122 Software Crimson ReLive Edition falls outside of the security support lifecycle and AMD does not plan to release any mitigations\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"}], "lastModified": "2023-08-21T17:25:49.017", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:amd:radeon_software:-:*:*:*:crimson_relive:*:*:*", "vulnerable": true, "matchCriteriaId": "1B9B57CB-1D5E-4FE9-B03D-315A9B54650A"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@amd.com"}