Amd: >> Amd 3020e Firmware Security Vulnerabilities
Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a malicious TA.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-11-09
Insufficient memory cleanup in the AMD Secure Processor (ASP) Trusted Execution Environment (TEE) may allow an authenticated attacker with privileges to generate a valid signed TA and potentially poison the contents of the process memory with attacker controlled data resulting in a loss of confidentiality.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-11-09
Improper parameters handling in the AMD Secure Processor (ASP) kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-11-09
Improper parameters handling in AMD Secure Processor (ASP) drivers may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-11-09