Vulnerability in Amd Radeon™ Pro V520 Graphics Products
CVE-2023-31306
Improper validation of an array index in the AMD graphics driver software could allow an attacker to pass malformed arguments to the dynamic power management (DPM) functions resulting in an out of bounds read and loss of availability.
EPSS: 0.000 (9.0th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 3.3 (Low). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L.
Affected products
- Amd Radeon™ Pro V520 Graphics Products — versions Contact your AMD Customer Engineering representative
- Amd Radeon™ Pro V620 Graphics Products — versions Contact your AMD Customer Engineering representative
- Amd Radeon™ Pro W5000 Series Graphics Products — versions No fix planned
- Amd Radeon™ Pro W6000 Series Graphics Products — versions AMD Software: PRO Edition 24.Q4 (24.20.30)
- Amd Radeon™ Rx 5000 Series Graphics Products — versions No fix planned
- Amd Radeon™ Rx 6000 Series Graphics Products — versions AMD Software: Adrenalin Edition 24.10.1 (24.20.19.01)
Weakness classification (CWE)
Public proof-of-concept exploits
References
Frequently asked questions
- What is CVE-2023-31306?
- CVE-2023-31306 is a low-severity vulnerability in Amd Radeon™ Pro V520 Graphics Products, classified under Improper Validation of Array Index. CVSS score: 3.3/10. Published 2025-09-06.
- How severe is CVE-2023-31306?
- Low severity. CVSS v3 base score is 3.3 out of 10.
- Is CVE-2023-31306 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.