CVE-2023-31355

CVSS v3.1

6.0

Medium

Vector

AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned in the provided descriptions.

Description The issue involves improper restriction of write operations in SNP firmware. This could allow a malicious hypervisor to overwrite a guest's UMC seed, potentially enabling the reading of memory from a decommissioned guest.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-119

Related Identifiers

BDU:2025-09858

CVE-2023-31355

Affected Products

Red Os

Scp-Firmware

CVE-2023-31355

Weakness Enumeration

Related Identifiers

Affected Products

References · 9