CVE-2023-31342

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 11, 2025

CWE ID 20

Summary

CVE-2023-31342 is a newly disclosed vulnerability that impacts the System Management Mode (SMM) handler. The issue is rooted in improper input validation, allowing a privileged attacker to manipulate data and overwrite Supervisor Mode Memory Random Access Memory (SMRAM). This can potentially result in arbitrary code execution, granting the attacker unrestricted access to the system. The vulnerability poses a significant risk to security, particularly in environments where privileged access is required. System administrators are encouraged to apply the available patch or update as soon as possible to mitigate the threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3RZjhs
https://www.cve.org/CVERecord?id=CVE-2023-31342
https://nvd.nist.gov/vuln/detail/CVE-2023-31342

Back to Vulnerability Database

CVE-2023-31342

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations