Amd: >> Epyc 7532 Firmware >> romepi_1.0.0.d Security Vulnerabilities
A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow
an attacker with ring0 privileges and access to the
BIOS menu or UEFI shell to modify the communications buffer potentially
resulting in arbitrary code execution.
CVSS Score
7.5
EPSS Score
0.0
Published
2024-08-13
Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.
CVSS Score
1.9
EPSS Score
0.0
Published
2023-11-14
Insufficient DRAM address validation in System
Management Unit (SMU) may allow an attacker to read/write from/to an invalid
DRAM address, potentially resulting in denial-of-service.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-11-14
Improper access control settings in ASP
Bootloader may allow an attacker to corrupt the return address causing a
stack-based buffer overrun potentially leading to arbitrary code execution.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-05-09
Insufficient input validation of mailbox data in the
SMU may allow an attacker to coerce the SMU to corrupt SMRAM, potentially
leading to a loss of integrity and privilege escalation.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-05-09
Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the bounds of a mapped register potentially leading to a denial of service.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-01-11