{"api_version":"1","generated_at":"2026-06-20T06:44:18+00:00","cve":"CVE-2023-31339","urls":{"html":"https://cve.report/CVE-2023-31339","api":"https://cve.report/api/cve/CVE-2023-31339.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-31339","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-31339"},"summary":{"title":"CVE-2023-31339","description":"Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage and denial of service.","state":"PUBLISHED","assigner":"AMD","published_at":"2024-08-13 17:15:20","updated_at":"2026-06-05 20:04:27"},"problem_types":["CWE-20","CWE-125","CWE-20 CWE-20 Improper Input Validation"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"5.8","severity":"MEDIUM","vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:H","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"}},{"version":"3.1","source":"psirt@amd.com","type":"Secondary","score":"4.8","severity":"MEDIUM","vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:H","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"4.8","severity":"MEDIUM","vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:H","data":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":4.8,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:H","version":"3.1"}}],"references":[{"url":"https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8002","name":"https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8002","refsource":"psirt@amd.com","tags":["Broken Link"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-31339","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31339","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"AMD","product":"Zynq™ UltraScale+™ MPSoC/RFSoC","version":"affected 2023.2 custom","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"31339","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"amd","cpe5":"trusted_firmware-a","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu11eg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu15eg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu17eg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu19eg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu1cg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu1eg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu21dr","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu25dr","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu27dr","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu28dr","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu29dr","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu2cg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu2eg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu39dr","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu3cg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu3eg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu3tcg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu3teg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu42dr","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu43dr","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu46dr","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu47dr","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu48dr","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu49dr","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu4cg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu4eg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu4ev","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu5cg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu5eg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu5ev","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu63dr","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu64dr","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu65dr","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu67dr","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu6cg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu6eg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu7cg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu7eg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu7ev","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu9cg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"amd","cpe5":"zu9eg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"31339","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"trustedfirmware","cpe5":"trusted_firmware-a","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2023","cve_id":"31339","cve":"CVE-2023-31339","epss":"0.000970000","percentile":"0.267680000","score_date":"2026-06-11","updated_at":"2026-06-12 00:07:15"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2023-31339","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2024-08-15T15:18:02.945530Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2024-08-15T15:18:21.699Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"affected","product":"Zynq™ UltraScale+™ MPSoC/RFSoC","vendor":"AMD","versions":[{"lessThan":"2023.2","status":"affected","version":"0","versionType":"custom"}]}],"datePublic":"2024-08-13T04:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage and denial of service.</span>\n\n</span>\n\n\n\n\n\n<br>"}],"value":"Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage and denial of service."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":4.8,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-20","description":"CWE-20 Improper Input Validation","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2024-08-13T16:56:22.024Z","orgId":"b58fc414-a1e4-4f92-9d70-1add41838648","shortName":"AMD"},"references":[{"tags":["x_refsource_MISC"],"url":"https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8002"}],"source":{"advisory":"AMD-SB-1016","discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.0.9"},"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"psirt@amd.com","DATE_PUBLIC":"2021-11-09T20:30:00.000Z","ID":"CVE-2021-26334","STATE":"PUBLIC","TITLE":"AMD Chipset Driver Information Disclosure Vulnerability"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"μProf Tool","version":{"version_data":[{"version_affected":"<","version_name":"μProf Tool","version_value":"3.4.494"}]}}]},"vendor_name":"AMD"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The AMDPowerProfiler.sys driver of AMD μProf tool may allow lower privileged users to access MSRs in kernel which may lead to privilege escalation and ring-0 code execution by the lower privileged user."}]},"generator":{"engine":"Vulnogram 0.0.9"},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-284 Improper Access Control"}]}]},"references":{"reference_data":[{"name":"https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1016","refsource":"MISC","url":"https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1016"}]},"source":{"advisory":"AMD-SB-1016","discovery":"EXTERNAL"}}}},"cveMetadata":{"assignerOrgId":"b58fc414-a1e4-4f92-9d70-1add41838648","assignerShortName":"AMD","cveId":"CVE-2023-31339","datePublished":"2024-08-13T16:56:22.024Z","dateReserved":"2023-04-27T15:25:41.425Z","dateUpdated":"2024-08-15T15:18:21.699Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2024-08-13 17:15:20","lastModifiedDate":"2026-06-05 20:04:27","problem_types":["CWE-20","CWE-125","CWE-20 CWE-20 Improper Input Validation"],"metrics":{"cvssMetricV31":[{"source":"psirt@amd.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:H","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":0.6,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:H","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":0.6,"impactScore":5.2}]},"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:amd:trusted_firmware-a:*:*:*:*:*:*:*:*","versionEndExcluding":"2023.2","matchCriteriaId":"585C3863-BBA7-4753-BEAF-58E8E192925D"},{"vulnerable":true,"criteria":"cpe:2.3:o:trustedfirmware:trusted_firmware-a:*:*:*:*:*:*:*:*","versionEndExcluding":"2.10.1","matchCriteriaId":"0FA385C9-1A23-441F-B829-DE1EC1260F99"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu11eg:-:*:*:*:*:*:*:*","matchCriteriaId":"CE5F3351-714B-4B2B-BE5B-C8FAF39800A7"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu15eg:-:*:*:*:*:*:*:*","matchCriteriaId":"9045E0CA-4EF2-4486-906E-FF2A88915EA4"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu17eg:-:*:*:*:*:*:*:*","matchCriteriaId":"3517639C-014E-4420-B220-DA274105EB36"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu19eg:-:*:*:*:*:*:*:*","matchCriteriaId":"8FD519A4-6A95-4DE4-A60C-A045D4C18B39"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu1cg:-:*:*:*:*:*:*:*","matchCriteriaId":"A3644759-DF73-4B08-A41F-F3545544A834"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu1eg:-:*:*:*:*:*:*:*","matchCriteriaId":"D1F0F4E1-6614-4764-95C6-07021037C98E"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu21dr:-:*:*:*:*:*:*:*","matchCriteriaId":"13C07809-E70A-4A43-A0BA-B9BE011DF95D"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu25dr:-:*:*:*:*:*:*:*","matchCriteriaId":"E6FF4C27-6BB6-49E9-9739-0ACE9BDCC9C5"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu27dr:-:*:*:*:*:*:*:*","matchCriteriaId":"F9EE10CC-D349-4E43-9418-49BEB0237AC8"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu28dr:-:*:*:*:*:*:*:*","matchCriteriaId":"77F6F4A1-A50C-49D3-BF5C-A8F4EF0432EA"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu29dr:-:*:*:*:*:*:*:*","matchCriteriaId":"4CDED669-6D4B-47BE-89B3-38762106CC15"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu2cg:-:*:*:*:*:*:*:*","matchCriteriaId":"8AA3F682-6DF1-46F5-BF27-4DBD5C49912E"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu2eg:-:*:*:*:*:*:*:*","matchCriteriaId":"BFAA3DD6-72A8-47EB-B4DA-623956136076"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu39dr:-:*:*:*:*:*:*:*","matchCriteriaId":"C2C4AB9E-C10F-40E2-B7A7-6D98CA9C978D"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu3cg:-:*:*:*:*:*:*:*","matchCriteriaId":"40A210AD-DFED-4DC0-B133-483967D67622"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu3eg:-:*:*:*:*:*:*:*","matchCriteriaId":"25305088-1DDF-4E60-B7CD-9990D4D3E1B1"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu3tcg:-:*:*:*:*:*:*:*","matchCriteriaId":"A331B606-2D5D-4EFD-909C-1E497363C490"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu3teg:-:*:*:*:*:*:*:*","matchCriteriaId":"501B3C64-A6A2-433A-B6F1-9B54A1CE5A3A"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu42dr:-:*:*:*:*:*:*:*","matchCriteriaId":"7539C6D1-451C-4D18-A405-8D1C0C558DEE"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu43dr:-:*:*:*:*:*:*:*","matchCriteriaId":"786D2CC5-115F-47D1-BF7A-912A53A4CC15"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu46dr:-:*:*:*:*:*:*:*","matchCriteriaId":"77A4DA65-5444-415C-98ED-58B8AEE5C9BF"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu47dr:-:*:*:*:*:*:*:*","matchCriteriaId":"16EE74BE-140C-4E7E-A863-9241D46F0B28"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu48dr:-:*:*:*:*:*:*:*","matchCriteriaId":"2EB69401-F8BB-4769-B873-B8004480DD03"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu49dr:-:*:*:*:*:*:*:*","matchCriteriaId":"7ABEFC67-EF4C-4B67-8ED8-9A2EB1D87410"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu4cg:-:*:*:*:*:*:*:*","matchCriteriaId":"E2905CDB-B546-4E21-A112-77C3C3163BFE"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu4eg:-:*:*:*:*:*:*:*","matchCriteriaId":"90E53A37-6EF6-4C61-AD96-9E611677CE7F"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu4ev:-:*:*:*:*:*:*:*","matchCriteriaId":"E31CE2F3-EA33-4F3E-BFDD-0E29E97D8EB6"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu5cg:-:*:*:*:*:*:*:*","matchCriteriaId":"EBEB8E8A-95D7-4E79-BC4D-4085C5E800F7"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu5eg:-:*:*:*:*:*:*:*","matchCriteriaId":"EA09364E-BC82-49F6-AE09-2DBE2D332B2E"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu5ev:-:*:*:*:*:*:*:*","matchCriteriaId":"B0E1453D-9BAF-49D7-9362-B4D8CB886612"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu63dr:-:*:*:*:*:*:*:*","matchCriteriaId":"DE17FB2B-C861-4980-A891-F9A15A5F7A42"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu64dr:-:*:*:*:*:*:*:*","matchCriteriaId":"83A35E38-9A97-41C7-8404-CC3F29514527"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu65dr:-:*:*:*:*:*:*:*","matchCriteriaId":"8AEDD34F-8FD2-4D1A-82E9-171E227246D9"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu67dr:-:*:*:*:*:*:*:*","matchCriteriaId":"6B8E9AA5-35C3-4AA2-9F44-D60EB39A4FB4"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu6cg:-:*:*:*:*:*:*:*","matchCriteriaId":"19B4BE70-7ECC-40D0-A770-6B414FF06A83"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu6eg:-:*:*:*:*:*:*:*","matchCriteriaId":"8E63D5EA-563E-4C37-81A8-78517869BFA4"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu7cg:-:*:*:*:*:*:*:*","matchCriteriaId":"D3DE9030-505E-422C-99D9-0B9894802D90"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu7eg:-:*:*:*:*:*:*:*","matchCriteriaId":"FCCA05DE-0F83-4195-B95D-E855837EACCC"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu7ev:-:*:*:*:*:*:*:*","matchCriteriaId":"BEFEE64D-9614-4706-935B-046147D0DFC9"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu9cg:-:*:*:*:*:*:*:*","matchCriteriaId":"61BB42CE-A537-43E6-94D7-BED504BEA5B6"},{"vulnerable":false,"criteria":"cpe:2.3:h:amd:zu9eg:-:*:*:*:*:*:*:*","matchCriteriaId":"23D4D75A-2704-4752-BD6C-28F7CEEF41AD"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2023","CveId":"31339","Ordinal":"1","Title":"CVE-2023-31339","CVE":"CVE-2023-31339","Year":"2023"},"notes":[{"CveYear":"2023","CveId":"31339","Ordinal":"1","NoteData":"Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage and denial of service.","Type":"Description","Title":"CVE-2023-31339"}]}}}