Shodan
Vulnerabilities
Vulnerable Software
Amd:  Security Vulnerabilities
CVE-2024-21978
Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption.
CVSS Score
6.0
EPSS Score
0.017
Published
2024-08-05
CVE-2024-21980
Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity.
CVSS Score
7.9
EPSS Score
0.023
Published
2024-08-05
CVE-2023-31355
Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to overwrite a guest's UMC seed potentially allowing reading of memory from a decommissioned guest.
CVSS Score
6.0
EPSS Score
0.008
Published
2024-08-05
CVE-2023-20579
Improper Access Control in the AMD SPI protection feature may allow a user with Ring0 (kernel mode) privileged access to bypass protections potentially resulting in loss of integrity and availability.
CVSS Score
6.0
EPSS Score
0.0
Published
2024-02-13
CVE-2023-31346
Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests.
CVSS Score
6.0
EPSS Score
0.0
Published
2024-02-13
CVE-2023-31347
Due to a code bug in Secure_TSC, SEV firmware may allow an attacker with high privileges to cause a guest to observe an incorrect TSC when Secure TSC is enabled potentially resulting in a loss of guest integrity.  
CVSS Score
4.9
EPSS Score
0.0
Published
2024-02-13
CVE-2021-46757
Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space potentially leading to privilege escalation.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-02-13
CVE-2023-20570
Insufficient verification of data authenticity in the configuration state machine may allow a local attacker to potentially load arbitrary bitstreams.
CVSS Score
3.3
EPSS Score
0.0
Published
2024-02-13
CVE-2023-4969
A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.
CVSS Score
6.5
EPSS Score
0.009
Published
2024-01-16
CVE-2023-20573
A privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests potentially resulting in guests not receiving expected debug information.
CVSS Score
3.2
EPSS Score
0.001
Published
2024-01-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved