Shodan
Vulnerabilities
Vulnerable Software
Amd:  Security Vulnerabilities
CVE-2023-31346
Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests.
CVSS Score
6.0
EPSS Score
0.003
Published
2024-02-13
CVE-2023-31347
Due to a code bug in Secure_TSC, SEV firmware may allow an attacker with high privileges to cause a guest to observe an incorrect TSC when Secure TSC is enabled potentially resulting in a loss of guest integrity.  
CVSS Score
4.9
EPSS Score
0.005
Published
2024-02-13
CVE-2021-46757
Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space potentially leading to privilege escalation.
CVSS Score
7.8
EPSS Score
0.002
Published
2024-02-13
CVE-2023-20570
Insufficient verification of data authenticity in the configuration state machine may allow a local attacker to potentially load arbitrary bitstreams.
CVSS Score
3.3
EPSS Score
0.001
Published
2024-02-13
CVE-2023-4969
A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.
CVSS Score
6.5
EPSS Score
0.012
Published
2024-01-16
CVE-2023-20573
A privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests potentially resulting in guests not receiving expected debug information.
CVSS Score
3.2
EPSS Score
0.003
Published
2024-01-11
CVE-2023-31320
Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in denial of service.
CVSS Score
7.5
EPSS Score
0.013
Published
2023-11-14
CVE-2023-20592
Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity.
CVSS Score
6.5
EPSS Score
0.01
Published
2023-11-14
CVE-2023-20596
Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.
CVSS Score
9.8
EPSS Score
0.01
Published
2023-11-14
CVE-2023-20519
A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integrity.
CVSS Score
3.3
EPSS Score
0.002
Published
2023-11-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved