How severe is CVE-2023-20513?

Low severity. CVSS v3 base score is 3.3 out of 10.

Vulnerability in Amd Radeon™ Pro W6000 Series Graphics Cards

CVE-2023-20513

An insufficient bounds check in PMFW (Power Management Firmware) may allow an attacker to utilize a malicious VF (virtualization function) to send a malformed message, potentially resulting in a denial of service.

EPSS: 0.001 (26.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.3 (Low). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L.

Affected products

Amd Radeon™ Pro W6000 Series Graphics Cards — versions AMD Software: PRO Edition 23.Q4 (23.30.13.03)
Amd Radeon™ Rx 6000 Series Graphics Cards — versions AMD Software: Adrenalin Edition 23.12.1 (23.30.13.01)

References

www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html

Frequently asked questions

What is CVE-2023-20513?: CVE-2023-20513 is a low-severity vulnerability in Amd Radeon™ Pro W6000 Series Graphics Cards. CVSS score: 3.3/10. Published 2024-08-13.
How severe is CVE-2023-20513?: Low severity. CVSS v3 base score is 3.3 out of 10.