Vulnerabilities
Vulnerable Software
Amd:  Security Vulnerabilities
Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service.
CVSS Score
7.5
EPSS Score
0.006
Published
2023-05-09
Insufficient control flow management in AmdCpmOemSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to an escalation of privileges.
CVSS Score
8.8
EPSS Score
0.007
Published
2023-04-02
Insufficient control flow management in AmdCpmGpioInitSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to escalation of privileges.
CVSS Score
8.8
EPSS Score
0.007
Published
2023-04-02
When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.
CVSS Score
4.7
EPSS Score
0.003
Published
2023-03-01
Failure to validate privileges during installation of AMD Ryzen™ Master may allow an attacker with low privileges to modify files potentially leading to privilege escalation and code execution by the lower privileged user.
CVSS Score
7.8
EPSS Score
0.002
Published
2023-03-01
Insufficient bound checks in the SMU may allow an attacker to update the SRAM from/to address space to an invalid value potentially resulting in a denial of service.
CVSS Score
7.5
EPSS Score
0.006
Published
2023-01-11
Insufficient input validation in the SMU may allow an attacker to improperly lock resources, potentially resulting in a denial of service.
CVSS Score
5.3
EPSS Score
0.006
Published
2023-01-11
Insufficient input validation in the ASP may allow an attacker with physical access, unauthorized write access to memory potentially leading to a loss of integrity or denial of service.
CVSS Score
6.1
EPSS Score
0.003
Published
2023-01-11
Insufficient input validation in SEV firmware may allow an attacker to perform out-of-bounds memory reads within the ASP boot loader, potentially leading to a denial of service.
CVSS Score
5.5
EPSS Score
0.002
Published
2023-01-11
Insufficient input validation in SVC_ECC_PRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP (AMD Secure Processor) OS memory which may lead to potential loss of integrity and availability.
CVSS Score
7.1
EPSS Score
0.002
Published
2023-01-11


Contact Us

Shodan ® - All rights reserved