Amd: >> Epyc 7401 Firmware >> naplespi_1.0.0.h Security Vulnerabilities
A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow
an attacker with ring0 privileges and access to the
BIOS menu or UEFI shell to modify the communications buffer potentially
resulting in arbitrary code execution.
CVSS Score
7.5
EPSS Score
0.0
Published
2024-08-13
Insufficient DRAM address validation in System
Management Unit (SMU) may allow an attacker to read/write from/to an invalid
DRAM address, potentially resulting in denial-of-service.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-11-14
Improper access control settings in ASP
Bootloader may allow an attacker to corrupt the return address causing a
stack-based buffer overrun potentially leading to arbitrary code execution.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-05-09