Amd: >> Ryzen 6900hs Firmware Security Vulnerabilities
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
CVSS Score
4.4
EPSS Score
0.0
Published
2023-09-20
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-09-20
Insufficient input validation in ASP may allow
an attacker with a compromised SMM to induce out-of-bounds memory reads within
the ASP, potentially leading to a denial of service.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-05-09
Insufficient input validation in ABL may enable
a privileged attacker to corrupt ASP memory, potentially resulting in a loss of
integrity or code execution.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-05-09
Failure to validate the length fields of the ASP
(AMD Secure Processor) sensor fusion hub headers may allow an attacker with a
malicious Uapp or ABL to map the ASP sensor fusion hub region and overwrite
data structures leading to a potential loss of confidentiality and integrity.
CVSS Score
9.1
EPSS Score
0.002
Published
2023-05-09