Amd: >> Ryzen 3 3350u Firmware >> comboam4pi_1.0.0.9 Security Vulnerabilities
A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability.
CVSS Score
5.7
EPSS Score
0.0
Published
2024-08-13
TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.
CVSS Score
3.3
EPSS Score
0.0
Published
2023-11-14
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
CVSS Score
4.4
EPSS Score
0.0
Published
2023-09-20
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-09-20
Insufficient input validation in
CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting
an arbitrary bit in an attacker-controlled pointer potentially leading to
arbitrary code execution in SMM.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-08-08