LiveActive security incident?Get immediate response
CVE Record

CVE-2023-31316: Improperly preserved integrity of hardware configuration state during a power save/restore operation in the...

Improperly preserved integrity of hardware configuration state during a power save/restore operation in the AMD Secure Processor (ASP) could allow an attacker with the ability to write outside the trusted memory range (TMR) to change the execution flow of the Video Core Next (VCN) firmware potentially impacting confidentiality, integrity, or availability.

HighCVSS 7.1Not KEV-listedUpdated
Glexia's TakeAutomated analysishigh

Security readout for executives and security teams

Plain-English summary

This is a firmware-level AMD issue where hardware state is not reliably protected during power save and restore. An attacker who already has local access and a specific memory-write capability could redirect video firmware execution, potentially affecting confidentiality, integrity, or availability.

Executive priority

Treat this as a high-priority firmware and driver remediation item, especially for fleets with AMD graphics, Ryzen endpoints, or GPU compute assets. The practical risk depends on local attacker foothold, but successful exploitation could affect system integrity.

Technical view

CVE-2023-31316 is a CWE-1304 issue in the AMD Secure Processor involving improper preservation of hardware configuration state across power transitions. With local, low-privileged access and high-complexity prerequisites, an attacker able to write outside the trusted memory range could influence VCN firmware control flow.

Likely exposure

Exposure is most likely on systems using the AMD Ryzen, Radeon, Radeon PRO, Instinct, and embedded products listed in AMD SB-4017 and SB-6027. It is not described as a remotely reachable vulnerability by itself.

Exploitation context

The CVSS vector indicates local access, high attack complexity, required attack conditions, low privileges, and no user interaction. The source bundle reports no CISA KEV listing, and no cited source states active exploitation.

Researcher notes

The key prerequisite is the ability to write outside the trusted memory range. Public source details do not provide enough evidence to assess reliable exploitability, affected OEM firmware availability, or real-world exploitation beyond the CVSS and AMD bulletin data.

Mitigation direction

  • Inventory systems using affected AMD Ryzen, Radeon, Radeon PRO, Instinct, and embedded products.
  • Review AMD SB-4017 and SB-6027 for product-specific guidance and update paths.
  • Apply vendor or OEM BIOS, firmware, driver, or ROCm updates where AMD guidance identifies them.
  • For Radeon PRO V620, contact the AMD Customer Engineering representative as directed.
  • Prioritize shared workstations, developer systems, GPU compute hosts, and endpoints with untrusted local users.

Validation and detection

  • Compare installed AMD hardware against the affected product list in the AMD bulletins.
  • Record BIOS, AGESA, graphics driver, and ROCm versions where applicable.
  • Confirm remediation status against AMD SB-4017 and SB-6027, not only OS patch state.
  • Check endpoint and EDR telemetry for suspicious local privilege or firmware-adjacent activity.
  • Track exceptions where OEM firmware or AMD customer guidance is still pending.
Prepared
Confidence
medium
Sources
4

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cwe · low confidence lookup

CWE-1304: Exact CWE lookup

Use the exact CWE identifier as the starting point before reviewing related ATT&CK behavior. Open the exact CWE lookup page first, then review the ATT&CK searches from that MITRE weakness context. This is a Glexia lookup hint, not an official ATT&CK mapping.

Open ATT&CK lookup
cve · low confidence lookup

CVE-2023-31316 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
High
CVSS
7.1 (4.0)
Known Exploited
No
Published

Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L

Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

1CVSS vectors
3Timeline events
1ADP providers
3Source links

SSVC decision data

CISA-ADPCISA Coordinator
Timestamp
Version
2.0.3
Exploitation: noneAutomatable: noTechnical Impact: partial

CVSS vector scores

1 official score

We collect every scored CVSS vector available in the official CNA and ADP containers. When more than one version is present, the table keeps the source vectors side by side instead of collapsing them into the highest score.

ScoreVersionSeverityVectorExploitImpactSource
7.1CVSS 4.0HighCVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:LAMD

Vulnerability scoring details

Base CVSS 4.0 score

7.1High
CVSS 4.0 vector shape for CVE-2023-31316Attack VectorAttack ComplexityAttack RequirementsPrivileges RequiredUser InteractionVS ConfidentialityVS IntegrityVS AvailabilitySS ConfidentialitySS IntegritySS Availability

Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L

Attack Vector
NetworkAdjacentLocalPhysical
Attack Complexity
LowHigh
Attack Requirements
NonePresent
Privileges Required
NoneLowHigh
User Interaction
NonePassiveActive
VS Confidentiality
HighLowNone
VS Integrity
HighLowNone
VS Availability
HighLowNone
SS Confidentiality
HighLowNone
SS Integrity
HighLowNone
SS Availability
HighLowNone

Vulnerability timeline

Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.

  1. CVE reservedCVE Program

    The CVE ID was reserved by the assigning CNA.

  2. CVE publishedCVE Program

    The CVE record was published.

  3. CVE updatedCVE Program

    The CVE record metadata indicates this as the latest update time.

ADP provider summaries

CISA-ADPCISA ADP Vulnrichment
other:ssvc
Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
AMDAMD Ryzen™ 5000 Series Mobile Processors with Radeon™ GraphicsCezanne-FP6 1.0.1.0affected
AMDAMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5PI 1.0.0.aaffected
AMDAMD Ryzen™ 4000 Series Desktop ProcessorsComboAM4v2 1.2.0.Caaffected
AMDAMD Ryzen™ 5000 Series Desktop Processors with Radeon™ GraphicsComboAM4v2 1.2.0.Caaffected
AMDAMD Ryzen™ 7040 Series Mobile Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7_1.1.0.0affected
AMDAMD Ryzen™ 4000 Series Mobile Processors with Radeon™ GraphicsRenoir-FP6 1.0.0.Daffected
AMDAMD Ryzen™ 6000 Series Processors with Radeon™ GraphicsRembrandt-FP7 1.0.0.Aaffected
AMDAMD Ryzen™ 7020 Series Processors with Radeon™ GraphicsMendocinoPI-FT6_1.0.0.6affected
AMDAMD Ryzen™ 7045 Series Mobile Processors with Radeon™ GraphicsDragonRangeFL1PI 1.0.0.3Caffected
AMDAMD Ryzen™ Embedded V2000 Series ProcessorsEmbeddedPI-FP6_1.0.0.9affected
AMDAMD Ryzen™ Embedded V3000 Series ProcessorsEmbedded-PI_FP7r2 1009affected
AMDAMD Radeon™ RX 6000 Series Graphics ProductsAMD Software: Adrenalin Edition 25.12.1 (25.10.37.01)affected
AMDAMD Radeon™ RX 7000 Series Graphics ProductsAMD Software: Adrenalin Edition 25.11.1 (25.20.29.01)affected
AMDAMD Radeon™ PRO W7000 Series Graphics ProductsAMD Software: PRO Edition 25.Q3.1 (25.10.32)affected
AMDAMD Radeon™ PRO W6000 Series Graphics ProductsAMD Software: PRO Edition 25.Q4 (25.10.37.01)affected
AMDAMD Instinct™ MI250ROCm 6.4affected
AMDAMD Instinct™ MI210ROCm 6.4affected
AMDAMD Radeon™ PRO V620Contact your AMD Customer Engineering representativeaffected
Weakness

CWE details

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.

CWE-1304 · source CWE mapping

Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation

Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation represents a recurring weakness pattern that can create exploitable paths when design, validation, or implementation controls are missing.