{"api_version":"1","generated_at":"2026-05-15T11:35:46+00:00","cve":"CVE-2023-31316","urls":{"html":"https://cve.report/CVE-2023-31316","api":"https://cve.report/api/cve/CVE-2023-31316.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-31316","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-31316"},"summary":{"title":"CVE-2023-31316","description":"Improperly preserved integrity of hardware configuration state during a power save/restore operation in the AMD Secure Processor (ASP) could allow an attacker with the ability to write outside the trusted memory range (TMR) to change the execution flow of the Video Core Next (VCN) firmware potentially impacting confidentiality, integrity, or availability.","state":"PUBLISHED","assigner":"AMD","published_at":"2026-05-15 03:16:20","updated_at":"2026-05-15 03:16:20"},"problem_types":["CWE-1304","CWE-1304 CWE-1304  Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation"],"metrics":[{"version":"4.0","source":"psirt@amd.com","type":"Secondary","score":"7.1","severity":"HIGH","vector":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","data":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"LOW","subIntegrityImpact":"HIGH","subAvailabilityImpact":"LOW","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}},{"version":"4.0","source":"CNA","type":"CVSS","score":"7.1","severity":"HIGH","vector":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L","data":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"HIGH","attackRequirements":"PRESENT","attackVector":"LOCAL","baseScore":7.1,"baseSeverity":"HIGH","exploitMaturity":"NOT_DEFINED","privilegesRequired":"LOW","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"LOW","subConfidentialityImpact":"LOW","subIntegrityImpact":"HIGH","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L","version":"4.0","vulnAvailabilityImpact":"LOW","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","vulnerabilityResponseEffort":"NOT_DEFINED"}}],"references":[{"url":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6027.html","name":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6027.html","refsource":"psirt@amd.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4017.html","name":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4017.html","refsource":"psirt@amd.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-31316","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31316","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics","version":"unaffected Cezanne-FP6 1.0.1.0","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ 7000 Series Desktop Processors","version":"unaffected ComboAM5PI 1.0.0.a","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ 4000 Series Desktop Processors","version":"unaffected ComboAM4v2 1.2.0.Ca","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics","version":"unaffected ComboAM4v2 1.2.0.Ca","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics","version":"unaffected PhoenixPI-FP8-FP7_1.1.0.0","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics","version":"unaffected Renoir-FP6 1.0.0.D","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics","version":"unaffected Rembrandt-FP7 1.0.0.A","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics","version":"unaffected MendocinoPI-FT6_1.0.0.6","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics","version":"unaffected DragonRangeFL1PI 1.0.0.3C","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ Embedded V2000 Series Processors","version":"unaffected EmbeddedPI-FP6_1.0.0.9","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Ryzen™ Embedded V3000 Series Processors","version":"unaffected Embedded-PI_FP7r2 1009","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Radeon™ RX 6000 Series Graphics Products","version":"unaffected AMD Software: Adrenalin Edition 25.12.1 (25.10.37.01)","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Radeon™ RX 7000 Series Graphics Products","version":"unaffected AMD Software: Adrenalin Edition 25.11.1 (25.20.29.01)","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Radeon™ PRO W7000 Series Graphics Products","version":"unaffected AMD Software: PRO Edition 25.Q3.1 (25.10.32)","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Radeon™ PRO W6000 Series Graphics Products","version":"unaffected AMD Software: PRO Edition 25.Q4 (25.10.37.01)","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Instinct™ MI250","version":"unaffected ROCm 6.4","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Instinct™ MI210","version":"unaffected ROCm 6.4","platforms":[]},{"source":"CNA","vendor":"AMD","product":"AMD Radeon™ PRO V620","version":"unaffected Contact your AMD Customer Engineering representative","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"defaultStatus":"affected","product":"AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics","vendor":"AMD","versions":[{"status":"unaffected","version":"Cezanne-FP6 1.0.1.0"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ 7000 Series Desktop Processors","vendor":"AMD","versions":[{"status":"unaffected","version":"ComboAM5PI 1.0.0.a"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ 4000 Series Desktop Processors","vendor":"AMD","versions":[{"status":"unaffected","version":"ComboAM4v2 1.2.0.Ca"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics","vendor":"AMD","versions":[{"status":"unaffected","version":"ComboAM4v2 1.2.0.Ca"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics","vendor":"AMD","versions":[{"status":"unaffected","version":"PhoenixPI-FP8-FP7_1.1.0.0"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics","vendor":"AMD","versions":[{"status":"unaffected","version":"Renoir-FP6 1.0.0.D"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics","vendor":"AMD","versions":[{"status":"unaffected","version":"Rembrandt-FP7 1.0.0.A"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics","vendor":"AMD","versions":[{"status":"unaffected","version":"MendocinoPI-FT6_1.0.0.6"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics","vendor":"AMD","versions":[{"status":"unaffected","version":"DragonRangeFL1PI 1.0.0.3C"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ Embedded V2000 Series Processors","vendor":"AMD","versions":[{"status":"unaffected","version":"EmbeddedPI-FP6_1.0.0.9"}]},{"defaultStatus":"affected","product":"AMD Ryzen™ Embedded V3000 Series Processors","vendor":"AMD","versions":[{"status":"unaffected","version":"Embedded-PI_FP7r2 1009"}]},{"defaultStatus":"affected","product":"AMD Radeon™ RX 6000 Series Graphics Products","vendor":"AMD","versions":[{"status":"unaffected","version":"AMD Software: Adrenalin Edition 25.12.1 (25.10.37.01)"}]},{"defaultStatus":"affected","product":"AMD Radeon™ RX 7000 Series Graphics Products","vendor":"AMD","versions":[{"status":"unaffected","version":"AMD Software: Adrenalin Edition 25.11.1 (25.20.29.01)"}]},{"defaultStatus":"affected","product":"AMD Radeon™ PRO W7000 Series Graphics Products","vendor":"AMD","versions":[{"status":"unaffected","version":"AMD Software: PRO Edition 25.Q3.1 (25.10.32)"}]},{"defaultStatus":"affected","product":"AMD Radeon™ PRO W6000 Series Graphics Products","vendor":"AMD","versions":[{"status":"unaffected","version":"AMD Software: PRO Edition 25.Q4 (25.10.37.01)"}]},{"defaultStatus":"affected","product":"AMD Instinct™ MI250","vendor":"AMD","versions":[{"status":"unaffected","version":"ROCm 6.4"}]},{"defaultStatus":"affected","product":"AMD Instinct™ MI210","vendor":"AMD","versions":[{"status":"unaffected","version":"ROCm 6.4"}]},{"defaultStatus":"affected","product":"AMD Radeon™ PRO V620","vendor":"AMD","versions":[{"status":"unaffected","version":"Contact your AMD Customer Engineering representative"}]}],"datePublic":"2026-05-15T02:35:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Improperly preserved integrity of hardware configuration state during a power save/restore operation in the AMD Secure Processor (ASP) could allow an attacker with the ability to write outside the trusted memory range (TMR) to change the execution flow of the Video Core Next (VCN) firmware potentially impacting confidentiality, integrity, or availability.<br>"}],"value":"Improperly preserved integrity of hardware configuration state during a power save/restore operation in the AMD Secure Processor (ASP) could allow an attacker with the ability to write outside the trusted memory range (TMR) to change the execution flow of the Video Core Next (VCN) firmware potentially impacting confidentiality, integrity, or availability."}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"HIGH","attackRequirements":"PRESENT","attackVector":"LOCAL","baseScore":7.1,"baseSeverity":"HIGH","exploitMaturity":"NOT_DEFINED","privilegesRequired":"LOW","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"LOW","subConfidentialityImpact":"LOW","subIntegrityImpact":"HIGH","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L","version":"4.0","vulnAvailabilityImpact":"LOW","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-1304","description":"CWE-1304  Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-05-15T02:36:46.858Z","orgId":"b58fc414-a1e4-4f92-9d70-1add41838648","shortName":"AMD"},"references":[{"url":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4017.html"},{"url":"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6027.html"}],"source":{"discovery":"UNKNOWN"},"x_generator":{"engine":"AMD PSIRT Automation 1.0"}}},"cveMetadata":{"assignerOrgId":"b58fc414-a1e4-4f92-9d70-1add41838648","assignerShortName":"AMD","cveId":"CVE-2023-31316","datePublished":"2026-05-15T02:36:10.619Z","dateReserved":"2023-04-27T15:25:41.423Z","dateUpdated":"2026-05-15T02:36:46.858Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-05-15 03:16:20","lastModifiedDate":"2026-05-15 03:16:20","problem_types":["CWE-1304","CWE-1304 CWE-1304  Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation"],"metrics":{"cvssMetricV40":[{"source":"psirt@amd.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"LOW","subIntegrityImpact":"HIGH","subAvailabilityImpact":"LOW","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2023","CveId":"31316","Ordinal":"1","Title":"CVE-2023-31316","CVE":"CVE-2023-31316","Year":"2023"},"notes":[{"CveYear":"2023","CveId":"31316","Ordinal":"1","NoteData":"Improperly preserved integrity of hardware configuration state during a power save/restore operation in the AMD Secure Processor (ASP) could allow an attacker with the ability to write outside the trusted memory range (TMR) to change the execution flow of the Video Core Next (VCN) firmware potentially impacting confidentiality, integrity, or availability.","Type":"Description","Title":"CVE-2023-31316"}]}}}