Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution.
A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability.
Improper Access Control in the AMD SPI protection feature may allow a user with Ring0 (kernel mode) privileged access to bypass protections potentially resulting in loss of integrity and availability.
TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.
Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM.
Insufficient bounds checking in ASP may allow an attacker to issue a system call from a compromised ABL which may cause arbitrary memory values to be initialized to zero, potentially leading to a loss of integrity.
A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memory to userspace, potentially leading to information disclosure.
When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.