CVE-2023-20586

9.8 CRITICAL

📋 TL;DR

This vulnerability in AMD Radeon Software Crimson ReLive Edition allows attackers to escalate privileges on affected systems. It affects users running this outdated graphics software, which is no longer supported by AMD. The vulnerability could enable attackers to gain higher system privileges than intended.

💻 Affected Systems

Products:
  • AMD Radeon Software Crimson ReLive Edition
Versions: All versions (software is end-of-life)
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: This software is outside AMD's security support lifecycle and will not receive official patches.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise with administrative privileges, allowing installation of malware, data theft, or complete system control.

🟠

Likely Case

Local privilege escalation enabling attackers to bypass security controls and execute code with elevated permissions.

🟢

If Mitigated

Limited impact if proper privilege separation and application control policies are enforced.

🌐 Internet-Facing: LOW
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: UNKNOWN

AMD has not released technical details about the vulnerability. Exploitation likely requires local access to the system.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: N/A

Vendor Advisory: https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-6007

Restart Required: No

Instructions:

No official patch available. AMD recommends upgrading to supported Radeon Software versions.

🔧 Temporary Workarounds

Uninstall Radeon Crimson ReLive Edition

windows

Remove the vulnerable software completely from affected systems

Control Panel > Programs > Uninstall a program > Select 'AMD Radeon Software Crimson ReLive Edition' > Uninstall

Upgrade to Supported Radeon Software

windows

Install current, supported AMD Radeon Software versions

Download from https://www.amd.com/en/support

🧯 If You Can't Patch

  • Implement strict application control policies to prevent execution of vulnerable software
  • Apply principle of least privilege to user accounts and restrict administrative access

🔍 How to Verify

Check if Vulnerable:

Check installed programs for 'AMD Radeon Software Crimson ReLive Edition' in Control Panel or via PowerShell: Get-WmiObject -Class Win32_Product | Where-Object {$_.Name -like '*Crimson ReLive*'}

Check Version:

Get-WmiObject -Class Win32_Product | Where-Object {$_.Name -like '*Radeon Software*'} | Select-Object Name, Version

Verify Fix Applied:

Confirm software is uninstalled or upgraded to supported version. Check current version via: Get-WmiObject -Class Win32_Product | Where-Object {$_.Name -like '*Radeon Software*'} | Select-Object Name, Version
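
An alternative to the Win32_Product queries above, as an added example that is not part of the original page or AMD's guidance: querying Win32_Product makes Windows Installer run a consistency check on every MSI package and lists only MSI-installed products, so this read-only PowerShell function reads the Uninstall registry keys instead. The function name Get-InstalledSoftwareMatch is hypothetical, and it assumes the product registers a machine-wide Uninstall entry whose DisplayName matches the page's '*Crimson ReLive*' pattern.

```powershell
# Added example: registry-based inventory check (read-only).
# Assumption: the installer registers an Uninstall entry whose DisplayName
# matches the same '*Crimson ReLive*' pattern the page uses.
function Get-InstalledSoftwareMatch {
    [CmdletBinding()]
    param(
        [string[]]$NamePattern = @('*Crimson ReLive*')
    )

    # Machine-wide Uninstall keys: native view and the 32-bit (WOW6432Node) view.
    $uninstallRoots = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )

    foreach ($root in $uninstallRoots) {
        # Keys without a DisplayName (patches, components) are skipped.
        Get-ItemProperty -Path $root -ErrorAction SilentlyContinue |
            Where-Object { $_.PSObject.Properties['DisplayName'] } |
            ForEach-Object {
                $entry = $_
                foreach ($pattern in $NamePattern) {
                    if ($entry.DisplayName -like $pattern) {
                        [pscustomobject]@{
                            ComputerName    = $env:COMPUTERNAME
                            Name            = $entry.DisplayName
                            Version         = $entry.DisplayVersion
                            Publisher       = $entry.Publisher
                            UninstallString = $entry.UninstallString
                            RegistryKey     = $entry.PSPath -replace '^.*::', ''
                        }
                        break   # one result per entry, even if several patterns match
                    }
                }
            }
    }
}

# Report the outcome for this host.
$hits = @(Get-InstalledSoftwareMatch)
if ($hits.Count -gt 0) {
    $hits | Format-List
    Write-Output 'RESULT: Crimson ReLive Edition is installed; uninstall or upgrade.'
} else {
    Write-Output 'RESULT: no Crimson ReLive Edition uninstall entry found.'
}
```

Pass `-NamePattern '*Radeon Software*'` to list the installed version after an upgrade, mirroring the page's version check.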

📡 Detection & Monitoring

Log Indicators:

  • Event logs showing privilege escalation attempts
  • Security logs with unexpected process elevation

Network Indicators:

  • N/A - local privilege escalation vulnerability

SIEM Query:

EventID=4688 AND (ProcessName LIKE '%crimson%' OR ProcessName LIKE '%radeon%') AND (NewProcessName LIKE '%powershell%' OR NewProcessName LIKE '%cmd%')
