Shodan
Vulnerabilities
Vulnerable Software
Amd:  >> Ryzen Threadripper Pro 3995wx  Security Vulnerabilities
CVE-2021-26354
Insufficient bounds checking in ASP may allow an attacker to issue a system call from a compromised ABL which may cause arbitrary memory values to be initialized to zero, potentially leading to a loss of integrity.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-05-09
CVE-2021-26356
A TOCTOU in ASP bootloader may allow an attacker to tamper with the SPI ROM following data read to memory potentially resulting in S3 data corruption and information disclosure.
CVSS Score
7.4
EPSS Score
0.001
Published
2023-05-09
CVE-2021-26371
A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memory to userspace, potentially leading to information disclosure.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-05-09
CVE-2023-20558
Insufficient control flow management in AmdCpmOemSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to an escalation of privileges.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-04-02
CVE-2023-20559
Insufficient control flow management in AmdCpmGpioInitSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to escalation of privileges.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-04-02
CVE-2021-26316
Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-01-11
CVE-2022-23824
IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-11-09
CVE-2021-26392
Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a malicious TA.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-11-09
CVE-2020-12931
Improper parameters handling in the AMD Secure Processor (ASP) kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-11-09
CVE-2020-12930
Improper parameters handling in AMD Secure Processor (ASP) drivers may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-11-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved