CVE-2023-31359

7.3 HIGH

📋 TL;DR

This vulnerability involves incorrect default permissions in the AMD Manageability API that could allow a local attacker to escalate privileges on affected systems. It affects systems with the AMD Manageability API installed, potentially leading to arbitrary code execution with elevated privileges.

💻 Affected Systems

Products:
  • AMD Manageability API
Versions: Specific versions not detailed in provided reference; consult AMD advisory for exact affected versions
Operating Systems: Windows, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Requires AMD Manageability API to be installed and running. Systems without this component are not affected.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise with administrative privileges, enabling installation of persistent malware, data theft, and lateral movement.

🟠 Likely Case

Local privilege escalation allowing attackers to bypass security controls and execute arbitrary code with higher privileges than originally granted.

🟢 If Mitigated

Limited impact if proper access controls and least privilege principles are enforced, though the vulnerability still exists.

🌐 Internet-Facing: LOW - This is a local privilege escalation vulnerability requiring local access to the system.
🏢 Internal Only: HIGH - Attackers with initial access to a system could use this to escalate privileges and move laterally within the network.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access to the system. No public exploit code has been identified at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check AMD advisory for specific patched versions

Vendor Advisory: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-9015.html

Restart Required: Yes

Instructions:

1. Visit the AMD security advisory page.
2. Download the appropriate patch for your system.
3. Apply the patch following vendor instructions.
4. Restart the system as required.

🔧 Temporary Workarounds

Remove AMD Manageability API

all

Uninstall the vulnerable component if not required for system functionality

Check system documentation for uninstallation procedure

Restrict Access Permissions

all

Manually adjust permissions on AMD Manageability API files and directories

Use appropriate OS commands to restrict access (e.g., chmod, icacls)
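
A sketch of the permission workaround above for Linux, added here as an example and not taken from AMD's advisory. It lists entries in an install tree that an unprivileged local user could modify, then removes group/other write access from them. The install directory is an argument because this page does not state where the component is installed; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not vendor code. Pass the install directory as an argument:
# the page does not say where AMD Manageability API is installed.

# list_loose DIR [OWNER]
# Print files and directories under DIR that an unprivileged local user could
# modify: group- or world-writable, or owned by someone other than OWNER
# (default root). Symlinks are skipped; their own mode bits are not meaningful.
list_loose() {
    find "$1" \( -type f -o -type d \) \
        \( -perm -0002 -o -perm -0020 -o ! -user "${2:-root}" \) -print
}

# count_loose DIR [OWNER]
# Number of entries list_loose reports (assumes no newlines in file names).
count_loose() {
    list_loose "$@" | wc -l | tr -d ' '
}

# tighten DIR
# Remove group/other write access from the flagged entries only, leaving
# read/execute bits alone. Wrong ownership is reported by list_loose but is
# left for an administrator to correct with chown.
tighten() {
    find "$1" \( -type f -o -type d \) \
        \( -perm -0002 -o -perm -0020 \) -exec chmod go-w {} +
}

# Usage: sh audit.sh /path/to/install/dir [owner]   (path is a placeholder)
if [ "$#" -gt 0 ]; then
    list_loose "$@"
fi
```

Run the listing before and after `tighten` and keep the output; a non-empty list after patching is also a useful check that the fix reset the permissions.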

🧯 If You Can't Patch

  • Implement strict access controls and least privilege principles
  • Monitor for suspicious privilege escalation attempts and file access patterns

🔍 How to Verify

Check if Vulnerable:

Check if AMD Manageability API is installed and running on the system

Check Version:

Consult AMD documentation for version checking specific to AMD Manageability API

Verify Fix Applied:

Verify patch installation through system update logs or version checking

📡 Detection & Monitoring

Log Indicators:

  • Unusual privilege escalation attempts
  • Suspicious access to AMD Manageability API files

Network Indicators:

  • Not applicable - local vulnerability

SIEM Query:

Search for process creation events with parent-child privilege escalation patterns
