Amd: >> Epyc 7473x Firmware >> milanpi_1.0.0.3 Security Vulnerabilities
A compromised or malicious ABL or UApp could
send a SHA256 system call to the bootloader, which may result in exposure of
ASP memory to userspace, potentially leading to information disclosure.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-05-09
Insufficient input validation of mailbox data in the
SMU may allow an attacker to coerce the SMU to corrupt SMRAM, potentially
leading to a loss of integrity and privilege escalation.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-05-09
Insufficient address validation, may allow an
attacker with a compromised ABL and UApp to corrupt sensitive memory locations
potentially resulting in a loss of integrity or availability.
CVSS Score
7.1
EPSS Score
0.0
Published
2023-05-09
Page 3