Cyber Resilience

CVE-2023-31343

High

Published: 11 February 2025

Published
11 February 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS Score 0.0004 13.9th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2023-31343 is a high-severity Insufficient Granularity of Access Control (CWE-1220) vulnerability in Amd (inferred from references). Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 13.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2023-31343 is an improper input validation vulnerability in the SMM handler that may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. It affects AMD platforms, as detailed in multiple AMD security bulletins. The vulnerability is associated with CWE-1220 and carries a CVSS v3.1 base score of 7.5 (AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H), indicating high severity with local attack vector, high attack complexity, high privileges required, no user interaction, changed scope, and high impacts to confidentiality, integrity, and availability.

A privileged local attacker could exploit this vulnerability by targeting the SMM handler with malformed input, enabling overwrite of SMRAM contents. Successful exploitation could result in arbitrary code execution within the high-privilege System Management Mode, potentially compromising the system's firmware and enabling persistent, kernel-level control or escalation to full system compromise.

AMD security bulletins provide guidance on mitigation, including AMD-SB-3009, AMD-SB-4008, and AMD-SB-5004, which detail affected products, firmware updates, and recommended patches to address the improper input validation in the SMM handler. Security practitioners should consult these advisories for platform-specific remediation steps.

EU & UK References

Vulnerability details

Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1542.001 System Firmware Stealth
Adversaries may modify system firmware to persist on systems.
Why these techniques?

SMM handler input validation flaw directly enables local privileged exploitation for escalation to SMM code execution (T1068) and firmware compromise/persistence (T1542.001).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2023-31342Shared CWE-1220
CVE-2026-33825Shared CWE-1220
CVE-2024-53295Shared CWE-1220
CVE-2026-6356Shared CWE-1220
CVE-2026-35436Shared CWE-1220
CVE-2026-6388Shared CWE-1220
CVE-2025-7493Shared CWE-1220
CVE-2026-40365Shared CWE-1220
CVE-2024-13256Shared CWE-1220
CVE-2025-20111Shared CWE-1220

Affected Assets

Amd
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mandates validation of inputs to the SMM handler, preventing malformed inputs from overwriting SMRAM.

prevent

Requires timely remediation of the improper input validation flaw through firmware updates as recommended in AMD security bulletins.

prevent

Implements safeguards to protect SMRAM from unauthorized overwrite and arbitrary code execution resulting from the vulnerability.

References