nvd-json-data-feeds/CVE-2023/CVE-2023-205xx/CVE-2023-20515.json

{
  "id": "CVE-2023-20515",
  "sourceIdentifier": "psirt@amd.com",
  "published": "2025-02-11T22:15:26.087",
  "lastModified": "2025-02-11T22:15:26.087",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability."
    },
    {
      "lang": "es",
      "value": "Un control de acceso inadecuado en el controlador fTPM en el sistema operativo confiable podr\u00eda permitir que un atacante privilegiado corrompa la memoria del sistema, lo que podr\u00eda provocar una p\u00e9rdida de integridad, confidencialidad o disponibilidad."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "psirt@amd.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
          "baseScore": 5.7,
          "baseSeverity": "MEDIUM",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "HIGH",
          "userInteraction": "NONE",
          "scope": "CHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "availabilityImpact": "LOW"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 3.7
      }
    ]
  },
  "weaknesses": [
    {
      "source": "psirt@amd.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-1284"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html",
      "source": "psirt@amd.com"
    },
    {
      "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html",
      "source": "psirt@amd.com"
    }
  ]
}