Vulnerabilites related to AMD - AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics
cve-2021-46746
Vulnerability from cvelistv5
Published
2024-08-13 16:50
Modified
2024-10-31 13:57
Severity ?
EPSS score ?
Summary
Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing
keys to c006Frrupt the return address, causing a
stack-based buffer overrun, potentially leading to a denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html | vendor-advisory |
Impacted products
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2021-46746", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-14T16:06:22.367564Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-31T13:57:25.237Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "AMD EPYC™ 7001 Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 7002 Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 7003 Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 9004 Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4PI 1.0.0.9", }, { status: "unaffected", version: "ComboAM4 V2 PI 1.2.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4V2 PI 1.2.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "affected", version: "ComboAM5 1.0.8.0", }, ], }, { defaultStatus: "unaffected", product: "AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4PI 1.0.0.9", }, { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ 3000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "CastlePeakPI-SP3r3 1.0.0.7", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.2", }, { status: "unaffected", version: "CastlePeakWSPI-sWRX8 1.0.0.9", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 5000WX Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PicassoPI-FP5 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "PollockPI-FT5 1.0.0.4", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PicassoPI-FP5 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RenoirPI-FP6 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "MendocinoPI-FT6 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7045 Series Mobile Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "DragonRangeFL1PI 1.0.0.3b", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 3000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7002 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7003 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 9003 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R1000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP5 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R2000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedR2KPI-FP5 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 5000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbAM4PI 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 7000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedAM5PI 1.0.0.0", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V1000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP5 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V2000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP6 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V3000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP7r2 1.0.0.2", }, ], }, ], datePublic: "2024-08-13T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (<a target=\"_blank\" rel=\"nofollow\">TEE</a>) may allow a privileged attacker with access to AMD signing\nkeys to c006Frrupt the return address, causing a\nstack-based buffer overrun, <a target=\"_blank\" rel=\"nofollow\">potentially</a> leading to a denial of service.<div><div><div>\n\n</div>\n\n</div>\n\n</div>\n\n\n\n\n\n<div><div><div>\n\n</div>\n\n</div>\n\n</div>\n\n\n\n\n\n</span>", }, ], value: "Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing\nkeys to c006Frrupt the return address, causing a\nstack-based buffer overrun, potentially leading to a denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T16:50:51.023Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2021-46746", datePublished: "2024-08-13T16:50:51.023Z", dateReserved: "2022-03-31T16:50:27.864Z", dateUpdated: "2024-10-31T13:57:25.237Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-26344
Vulnerability from cvelistv5
Published
2024-08-13 16:49
Modified
2025-03-18 15:35
Severity ?
EPSS score ?
Summary
An out of bounds memory write when processing the AMD
PSP1 Configuration Block (APCB) could allow an attacker with access the ability
to modify the BIOS image, and the ability to sign the resulting image, to
potentially modify the APCB block resulting in arbitrary code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | AMD EPYC™ 7001 Series Processors |
Version: various |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:h:amd:naplespi:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "naplespi", vendor: "amd", versions: [ { lessThan: "1.0.0.k", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:amd:romepi:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "romepi", vendor: "amd", versions: [ { lessThan: "1.0.0.C", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:amd:milanpi:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "milanpi", vendor: "amd", versions: [ { lessThan: "1.0.0.5", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2021-26344", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-08-13T18:29:11.333464Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-18T15:35:45.232Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "AMD EPYC™ 7001 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 7002 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "RomePI 1.0.0.C", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 7003 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "MilanPI 1.0.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4V2 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4V2 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ 3000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 5000WX Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "MendocinoPI-FT6 1.0.0.3", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.7", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.7", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7002 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbRomePI-SP3 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 3000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "Various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7003 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbMilanPI-SP3 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R1000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "v", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R2000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "v", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 5000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "v", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V1000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "v", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V2000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "v", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V3000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP7r2 1.0.0.4", }, ], }, ], datePublic: "2024-08-13T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">An out of bounds memory write when processing the AMD\nPSP1 Configuration Block (APCB) could allow an attacker with access the ability\nto modify the BIOS image, and the ability to sign the resulting image, to\npotentially modify the APCB block resulting in arbitrary code execution.\n\n\n\n<div><div><div>\n\n</div>\n\n</div>\n\n</div>\n\n\n\n\n\n</span>", }, ], value: "An out of bounds memory write when processing the AMD\nPSP1 Configuration Block (APCB) could allow an attacker with access the ability\nto modify the BIOS image, and the ability to sign the resulting image, to\npotentially modify the APCB block resulting in arbitrary code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T16:49:52.889Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2021-26344", datePublished: "2024-08-13T16:49:52.889Z", dateReserved: "2021-01-29T21:24:26.145Z", dateUpdated: "2025-03-18T15:35:45.232Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20578
Vulnerability from cvelistv5
Published
2024-08-13 16:52
Modified
2025-03-18 20:03
Severity ?
EPSS score ?
Summary
A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow
an attacker with ring0 privileges and access to the
BIOS menu or UEFI shell to modify the communications buffer potentially
resulting in arbitrary code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | AMD EPYC™ 7001 Processors | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:h:amd:epyc_7001:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_7001", vendor: "amd", versions: [ { status: "unaffected", version: "1.0.0.k", }, ], }, { cpes: [ "cpe:2.3:h:amd:epyc_7002:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_7002", vendor: "amd", versions: [ { status: "unaffected", version: "1.0.0.g", }, ], }, { cpes: [ "cpe:2.3:a:amd:epyc_9004:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_9004", vendor: "amd", versions: [ { status: "unaffected", version: "1.0.0.2", }, ], }, { cpes: [ "cpe:2.3:a:amd:epyc_embedded_3000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_embedded_3000", vendor: "amd", versions: [ { status: "unaffected", version: "1.1.0.a", }, ], }, { cpes: [ "cpe:2.3:a:amd:epyc_embedded_7002:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_embedded_7002", vendor: "amd", versions: [ { status: "unaffected", version: "1.0.0.a", }, ], }, { cpes: [ "cpe:2.3:a:amd:epyc_embedded_7003:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_embedded_7003", vendor: "amd", versions: [ { status: "unaffected", version: "1.0.0.7", }, ], }, { cpes: [ "cpe:2.3:a:amd:epyc_embedded_9003:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_embedded_9003", vendor: "amd", versions: [ { status: "unaffected", version: "1.0.0.0", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_embedded_7000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_embedded_7000", vendor: "amd", versions: [ { status: "unaffected", version: "1.0.0.0", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_embedded_v3000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_embedded_v3000", vendor: "amd", versions: [ { status: "unaffected", version: "1.0.0.8", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-20578", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-08-15T15:56:35.845479Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-367", description: "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-18T20:03:43.905Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", packageName: "PI", product: "AMD EPYC™ 7001 Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "NaplesPI 1.0.0.K", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 7002 Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "RomePI 1.0.0.G", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 7003 Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "MilanPI 1.0.0.B", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 9004 Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "GenoaPI 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM5 1.0.0.1", }, ], }, { defaultStatus: "unaffected", product: "AMD Ryzen™ Threadripper™ PRO 5000WX Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.7", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "MendocinoPI-FT6 1.0.0.0", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.9b", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.9b", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 3000", vendor: "AMD", versions: [ { status: "unaffected", version: "SnowyOwl PI 1.1.0.A", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7002", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbRomePI-SP3 1.0.0.A", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbMilanPI-SP3 1.0.0.7", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 9003", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbGenoaPI-SP5 1.0.0.0", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 7000", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedAM5PI 1.0.0.0", }, ], }, { defaultStatus: "affected", product: "AMD RyzenTM Embedded V3000", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP7r2 1.0.0.8", }, ], }, ], datePublic: "2024-08-13T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\"> A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow\nan attacker with ring0 privileges and access to the\nBIOS menu or UEFI shell to modify the communications <a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\">buffer </a>potentially\nresulting in arbitrary code execution.<div><div><div>\n\n</div>\n\n</div>\n\n</div>\n\n\n\n\n\n</span>", }, ], value: "A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow\nan attacker with ring0 privileges and access to the\nBIOS menu or UEFI shell to modify the communications buffer potentially\nresulting in arbitrary code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T16:52:58.457Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2023-20578", datePublished: "2024-08-13T16:52:58.457Z", dateReserved: "2022-10-27T18:53:39.757Z", dateUpdated: "2025-03-18T20:03:43.905Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-23817
Vulnerability from cvelistv5
Published
2024-08-13 16:51
Modified
2024-08-16 20:27
Severity ?
EPSS score ?
Summary
Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space, potentially leading to privilege escalation.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | AMD Ryzen™ 3000 Series Desktop Processors | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:amd:ryzen_9_3900_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_3900x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_3900xt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_3950x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_3700x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_3800x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_3800xt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3500x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3600_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3600x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3600xt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_3100_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_3300x_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_3_3300x_firmware", vendor: "amd", versions: [ { lessThan: "comboam4v2_1.2.0.a", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_7_3700c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_3700u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_3750h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_3780u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3450u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3500c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3500u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3550h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3580u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_3350u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_3300u_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_3_3300u_firmware", vendor: "amd", versions: [ { lessThan: "picassopi-fp5_1.0.0.e", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_7_4700g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_4700ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_4600ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_4600g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_4300ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_4300g_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_3_pro_3200g_firmware", vendor: "amd", versions: [ { lessThan: "comboam4v2_pi_1.2.0.8", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_5_7500f_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_5_7500f_firmware", vendor: "amd", versions: [ { lessThan: "comboam5_1.0.8.0", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_threadripper_3960x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_threadripper_3970x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_threadripper_3990x_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_threadripper_pro_3995wx_firmware", vendor: "amd", versions: [ { lessThan: "castlepeakpi-sp3r3_1.0.0.8", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_threadripper_pro_3945wx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_threadripper_pro_3955wx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_threadripper_pro_3975wx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_threadripper_pro_3995wx_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_threadripper_pro_3995wx_firmware", vendor: "amd", versions: [ { lessThan: "castlepeakwspi-swrx8_1.0.0.a", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_threadripper_pro_5945wx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_threadripper_pro_5955wx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_threadripper_pro_5965wx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_threadripper_pro_5975wx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_threadripper_pro_5995wx_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_threadripper_pro_5995wx_firmware", vendor: "amd", versions: [ { lessThan: "chagallwspi-swrx8_1.0.0.5", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_9_4900h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_4900hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_4700u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_4800h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_4800hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_4800u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_4980u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_4500u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_4600h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_4600hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_4600u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_4680u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_4300u_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_3_4300u_firmware", vendor: "amd", versions: [ { lessThan: "renoirpi-fp6_1.0.0.a", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_9_6900hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_6900hx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_6980hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_6980hx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_6800h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_6800hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_6800u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_6600h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_6600hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_6600u_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_5_6600u_firmware", vendor: "amd", versions: [ { lessThan: "rembrandtpi-fp7_1.0.0.5", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_7_7735hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_7735u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_7736u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_7535hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_7535u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_7335u_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_3_7335u_firmware", vendor: "amd", versions: [ { lessThan: "rembrandtpi-fp7_1.0.0.5", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_9_7945hx3d_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_7945hx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_7845hx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_7745hx_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_7_7745hx_firmware", vendor: "amd", versions: [ { lessThan: "dragonrangefl1pi_1.0.0.3b", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_9_5900_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_5900x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_5950x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5700_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5700x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5800_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5800x3d_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5800x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5600_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5600x3d_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5600x_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_5_5600x_firmware", vendor: "amd", versions: [ { lessThan: "comboam4v2_pi_1.2.0.8", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_pro_3350ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_pro_3350g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_pro_3400ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_pro_3400g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_3200g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_pro_3200ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_pro_3200g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5700ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5700g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5500gt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5600ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5600g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5600gt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5300ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_5300g_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_3_5300g_firmware", vendor: "amd", versions: [ { lessThan: "cezannepi-fp6_1.0.0.c", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_9_5900hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_5900hx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_5980hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_5980hx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5800h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5800hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5800u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5825u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5500h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5560u_firmware:cezannepi-fp6_1.0.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5600h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5600hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5600u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5625u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_5125c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_5400u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_5425c_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_3_5425c_firmware", vendor: "amd", versions: [ { lessThan: "cezannepi-fp6_1.0.0.c", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:athlon_3000g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:athlon_gold_3150ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:athlon_gold_pro_3150ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:athlon_gold_pro_3150g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:athlon_pro_300ge_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "athlon_pro_300ge_firmware", vendor: "amd", versions: [ { lessThan: "picassopi-fp5_1.0.0.e", status: "unaffected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2022-23817", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-08-13T17:51:43.434721Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-16T20:27:19.545Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4V1 1.0.0.A/ComboAM4V2 1.2.0.9", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM5 1.0.8.0", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4PI 1.0.0.9", }, { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ 3000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "CastlePeakPI-SP3r3 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.5", }, { status: "unaffected", version: "CastlePeakWSPI-sWRX8 1.0.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 5000WX Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PicassoPI-FP5 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PollockPI-FT5 1.0.0.4", }, ], }, { defaultStatus: "unaffected", product: "AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PicassoPI-FP5 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RenoirPI-FP6 1.0.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7045 Series Mobile Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "DragonRangeFL1PI 1.0.0.3b", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R1000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP5 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R2000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedR2KPI-FP5 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 5000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbAM4PI 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 7000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedAM5PI 1.0.0.0", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V1000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP5 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V2000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP6 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V3000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP7r2 1.0.0.2", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space, potentially leading to privilege escalation.", }, ], value: "Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space, potentially leading to privilege escalation.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T16:51:45.468Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4004.html", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2022-23817", datePublished: "2024-08-13T16:51:45.468Z", dateReserved: "2022-01-21T17:14:12.302Z", dateUpdated: "2024-08-16T20:27:19.545Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-26387
Vulnerability from cvelistv5
Published
2024-08-13 16:50
Modified
2024-10-30 17:59
Severity ?
EPSS score ?
Summary
Insufficient access controls in ASP kernel may allow a
privileged attacker with access to AMD signing keys and the BIOS menu or UEFI
shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | AMD EPYC™ 7001 Series Processors |
Version: various |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2021-26387", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-14T15:47:34.441746Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-863", description: "CWE-863 Incorrect Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-30T17:59:30.394Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", packageName: "PI", product: "AMD EPYC™ 7001 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 7002 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 7003 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 9004 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4PI 1.0.0.9", }, { status: "unaffected", version: "ComboAM4 V2 PI 1.2.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4 V2 PI 1.2.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM5 1.0.8.0", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4PI 1.0.0.9", }, { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ 3000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "CastlePeakPI-SP3r3 1.0.0.7", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.2", }, { status: "unaffected", version: "CastlePeakWSPI-sWRX8 1.0.0.9", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 5000WX Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PicassoPI-FP5 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PollockPI-FT5 1.0.0.4", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PicassoPI-FP5 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RenoirPI-FP6 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.9", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.9", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.9b", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.9b", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.9", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.9", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 3000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7002 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7003 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 9003 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R1000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP5 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R2000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedR2KPI-FP5 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 5000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbAM4PI 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V1000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP5 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V2000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP6 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V3000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP7r2 1.0.0.9", }, ], }, ], datePublic: "2024-08-13T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Insufficient access controls in ASP kernel may allow a\nprivileged attacker with access to AMD signing keys and the BIOS menu or UEFI\nshell to map DRAM regions in protected <a target=\"_blank\" rel=\"nofollow\">areas,</a> potentially leading to a loss of platform integrity.<div><div><div>\n\n</div>\n\n</div>\n\n</div>\n\n\n\n\n\n</span>", }, ], value: "Insufficient access controls in ASP kernel may allow a\nprivileged attacker with access to AMD signing keys and the BIOS menu or UEFI\nshell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T16:50:22.151Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html", }, { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5002.html", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2021-26387", datePublished: "2024-08-13T16:50:22.151Z", dateReserved: "2021-01-29T21:24:26.161Z", dateUpdated: "2024-10-30T17:59:30.394Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-46772
Vulnerability from cvelistv5
Published
2024-08-13 16:50
Modified
2024-11-05 21:18
Severity ?
EPSS score ?
Summary
Insufficient input validation in the ABL may allow a privileged
attacker with access to the BIOS menu or UEFI shell to tamper with the
structure headers in SPI ROM causing an out of bounds memory read and write,
potentially resulting in memory corruption or denial of service.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | AMD EPYC™ 7002 Series Processors | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2021-46772", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-15T14:19:27.997821Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-05T21:18:50.631Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "AMD EPYC™ 7002 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "RomePI 1.0.0.E", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 7003 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "MilanPI 1.0.0.9", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4V2 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "ComboAM4V2 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ 3000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 5000WX Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "MendocinoPI-FT6 1.0.0.3", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.7", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.7", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7002 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbRomePI-SP3 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7003 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbMilanPI-SP3 1.0.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R1000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R2000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 5000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V1000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V2000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V3000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP7r2 1.0.0.4", }, ], }, ], datePublic: "2024-08-13T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Insufficient input validation in the ABL may allow a privileged\nattacker with access to the BIOS menu or UEFI shell to tamper with the\nstructure headers in SPI ROM causing an out of bounds memory read and write,\npotentially resulting in memory corruption or denial of service.\n\n\n\n<div><div><div>\n\n</div>\n\n</div>\n\n</div>\n\n\n\n\n\n</span>", }, ], value: "Insufficient input validation in the ABL may allow a privileged\nattacker with access to the BIOS menu or UEFI shell to tamper with the\nstructure headers in SPI ROM causing an out of bounds memory read and write,\npotentially resulting in memory corruption or denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T16:50:54.016Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html", }, { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4004.html", }, { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5002.html", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2021-46772", datePublished: "2024-08-13T16:50:54.016Z", dateReserved: "2022-03-31T16:50:27.872Z", dateUpdated: "2024-11-05T21:18:50.631Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-31315
Vulnerability from cvelistv5
Published
2024-08-09 17:08
Modified
2024-09-12 12:56
Severity ?
EPSS score ?
Summary
Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | 3rd Gen AMD EPYC™ Processors |
Version: various |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-09-12T12:56:32.250Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "https://www.darkreading.com/remote-workforce/amd-issues-updates-for-silicon-level-sinkclose-flaw", }, { url: "https://media.defcon.org/DEF%20CON%2032/DEF%20CON%2032%20presentations/DEF%20CON%2032%20-%20Enrique%20Nissim%20Krzysztof%20Okupski%20-%20AMD%20Sinkclose%20Universal%20Ring-2%20Privilege%20Escalation.pdf", }, { url: "https://news.ycombinator.com/item?id=41475975", }, ], title: "CVE Program Container", x_generator: { engine: "ADPogram 0.0.1", }, }, { affected: [ { cpes: [ "cpe:2.3:h:amd:1st_gen_amd_epyc_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "1st_gen_amd_epyc_processors", vendor: "amd", versions: [ { lessThan: "naples.pi.1.0.0.m", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:amd:3rd_gen_amd_epyc_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "3rd_gen_amd_epyc_processors", vendor: "amd", versions: [ { lessThan: "milan.pi.1.0.0.d", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:amd:2nd_gen_amd_epyc_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "2nd_gen_amd_epyc_processors", vendor: "amd", versions: [ { lessThan: "rome.pi.1.0.0.j", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_3000_series_desktop_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_3000_series_desktop_processors", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:h:amd:4th_gen_amd_epyc_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "4th_gen_amd_epyc_processors", vendor: "amd", versions: [ { lessThan: "genoa_pi_1.0.0.c", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:amd:epyc_embedded_3000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_embedded_3000", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:epyc_embedded_7002:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_embedded_7002", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:epyc_embedded_7003:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_embedded_7003", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:epyc_embedded_9003:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "epyc_embedded_9003", vendor: "amd", versions: [ { lessThan: "emgenoa.pi.1.0.0.7", status: "unaffected", version: "0", versionType: "custom", }, { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_embedded_r1000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_embedded_r1000", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_embedded_r2000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_embedded_r2000", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_embedded_7000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_embedded_7000", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_embedded_5000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_embedded_5000", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_embedded_v1000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_embedded_v1000", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_embedded_v3000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_embedded_v3000", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_embedded_v2000:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_embedded_v2000", vendor: "amd", versions: [ { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_7040_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_7040_series_mobile_processors_with_radeon_graphics", vendor: "amd", versions: [ { lessThan: "phoenixpi-fp8-fp7.1.1.0.3", status: "unaffected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_5000_series_desktop_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_5000_series_desktop_processors", vendor: "amd", versions: [ { lessThan: "comboam4v2pi.1.2.0.cb", status: "unaffected", version: "0", versionType: "custom", }, { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_5000_series_desktop_processors_with_radeon_graphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_5000_series_desktop_processors_with_radeon_graphics", vendor: "amd", versions: [ { lessThan: "comboam4v2pi.1.2.0.cb", status: "unaffected", version: "0", versionType: "custom", }, { status: "affected", version: "various", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_7000_desktop_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_7000_desktop_processors", vendor: "amd", versions: [ { lessThan: "comboam5pi.1.2.0.1", status: "affected", version: "0", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_4000_series_desktop_processors_with_radeon_graphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_4000_series_desktop_processors_with_radeon_graphics", vendor: "amd", versions: [ { lessThan: "comboam4v2pi.1.2.0.cb", status: "affected", version: "0", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_threadripper_3000_series_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_threadripper_3000_series_processors", vendor: "amd", versions: [ { lessThan: "castlepeakpl-sp3r3.1.0.0.b", status: "affected", version: "0", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_threadripper_pro_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_threadripper_pro_processors", vendor: "amd", versions: [ { lessThan: "chagallwspi-swrx8.1.0.0.8", status: "affected", version: "various", versionType: "python", }, { lessThan: "castlepeakwspi-swrx8.1.0.0.8", status: "affected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_threadripper_pro_3000wx_series_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_threadripper_pro_3000wx_series_processors", vendor: "amd", versions: [ { lessThan: "chagallwspi-swrx8.1.0.0.8", status: "affected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:athlon_3000_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "athlon_3000_series_mobile_processors_with_radeon_graphics", vendor: "amd", versions: [ { lessThan: "picasso-fp5.1.0.1.2", status: "affected", version: "various", versionType: "python", }, { lessThan: "pollockpi-ft5.1.0.0.8", status: "affected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_3000_series_desktop_processors_with_radeon_graphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_3000_series_desktop_processors_with_radeon_graphics", vendor: "amd", versions: [ { lessThan: "picasso-fp5.1.0.1.2", status: "affected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_4000_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_4000_series_mobile_processors_with_radeon_graphics", vendor: "amd", versions: [ { lessThan: "renoirpi-fp6.1.0.0.e", status: "unaffected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_5000_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_5000_series_mobile_processors_with_radeon_graphics", vendor: "amd", versions: [ { lessThan: "cezannepi-fp6.1.0.1.1", status: "unaffected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_7030_series-mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_7030_series-mobile_processors_with_radeon_graphics", vendor: "amd", versions: [ { lessThan: "cezannepi-fp6", status: "affected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_7045_series_mobile_processors:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_7045_series_mobile_processors", vendor: "amd", versions: [ { lessThan: "dragonrangefl1.1.0.0.3e", status: "unaffected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_6000_processors_with_radeongraphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_6000_processors_with_radeongraphics", vendor: "amd", versions: [ { lessThan: "remembrandtpi-fp7.1.0.0.b", status: "unaffected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_7020_processors_with_radeongraphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_7020_processors_with_radeongraphics", vendor: "amd", versions: [ { lessThan: "mendocinopi-ft6.1.0.0.7", status: "affected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_7035_processors_with_radeongraphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_7035_processors_with_radeongraphics", vendor: "amd", versions: [ { lessThan: "remembrandtpi-fp7.1.0.0.b", status: "unaffected", version: "various", versionType: "python", }, ], }, { cpes: [ "cpe:2.3:a:amd:ryzen_8000_series_processors_with_radeongraphics:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ryzen_8000_series_processors_with_radeongraphics", vendor: "amd", versions: [ { lessThan: "comboam5pi.1.2.0.1", status: "unaffected", version: "various", versionType: "python", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2023-31315", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-08-09T17:29:59.373286Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-94", description: "CWE-94 Improper Control of Generation of Code ('Code Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-27T14:54:02.319Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", packageName: "PI", product: "3rd Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { lessThan: "Milan PI 1.0.0.D", status: "affected", version: "various", versionType: "Platform Initialization", }, ], }, { defaultStatus: "affected", product: "1st Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { lessThan: "Naples PI 1.0.0.M", status: "affected", version: "various", versionType: "Platform Initialization", }, ], }, { defaultStatus: "affected", product: "2nd Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { lessThan: "Rome PI 1.0.0.J", status: "affected", version: "various", versionType: "Platform Initialization", }, ], }, { defaultStatus: "affected", product: "4th Gen AMD EPYC™ Processors", vendor: "AMD", versions: [ { lessThan: "Genoa PI 1.0.0.C", status: "unaffected", version: "various", versionType: "Platform Initialization", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 3000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7002", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7003", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 9003", vendor: "AMD", versions: [ { lessThan: "EmbGenoaPI 1.0.0.7", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R1000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R2000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 5000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 7000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V1000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V2000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V3000", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processors", vendor: "AMD", versions: [ { lessThan: "ComboAM4v2PI 1.2.0.cb", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop processor with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "ComboAM4v2PI 1.2.0.cb", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7000 Series Desktop Processors", vendor: "AMD", versions: [ { lessThan: "ComboAM5PI 1.2.0.1", status: "affected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "ComboAM4v2PI 1.2.0.cb", status: "affected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ 3000 Series Processors", vendor: "AMD", versions: [ { lessThan: "CastlePeakPI-SP3r3 1.0.0.B", status: "affected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO Processors", vendor: "AMD", versions: [ { lessThan: "ChagallWSPI-sWRX8 1.0.0.8", status: "affected", version: "various", versionType: "PI", }, { lessThan: "CastlePeakWSPI-sWRX8 1.0.0.D", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors", vendor: "AMD", versions: [ { lessThan: "ChagallWSPI-sWRX8 1.0.0.8", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "Picasso-FP5 1.0.1.2", status: "unaffected", version: "various", versionType: "PI", }, { lessThan: "PollockPI-FT5 1.0.0.8", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "Picasso-FP5 1.0.1.2", status: "affected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "RenoirPI-FP6 1.0.0.E", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "CezannePI-FP6 1.0.1.1", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "CezannePI-FP6", status: "affected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "PhoenixPI-FP8-FP7 1.1.0.3", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7045 Series Mobile Processors", vendor: "AMD", versions: [ { lessThan: "DragonRangeFL1 1.0.0.3e", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "RembrandtPI-FP7 1.0.0.B", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "MendocinoPI-FT6 1.0.0.7", status: "affected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "RembrandtPI-FP7 1.0.0.B", status: "unaffected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 8000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { lessThan: "ComboAM5PI 1.2.0.1", status: "unaffected", version: "various", versionType: "PI", }, ], }, ], datePublic: "2024-08-09T12:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution.</span>", }, ], value: "Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T15:37:24.501Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2023-31315", datePublished: "2024-08-09T17:08:24.237Z", dateReserved: "2023-04-27T15:25:41.423Z", dateUpdated: "2024-09-12T12:56:32.250Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20518
Vulnerability from cvelistv5
Published
2024-08-13 16:52
Modified
2024-11-05 17:10
Severity ?
EPSS score ?
Summary
Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | AMD EPYC™ 9004 Series Processors | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-20518", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-15T14:20:09.090291Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-459", description: "CWE-459 Incomplete Cleanup", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-05T17:10:30.170Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "AMD EPYC™ 9004 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "GenoaPI 1.0.0.4", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4V1 1.0.0.A", }, { status: "unaffected", version: "ComboAM4V2 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4V2 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4V2 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM5 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4V2 1.2.0.A", }, { status: "unaffected", version: "ComboAM4V1 1.0.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4V2 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ 3000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "CastlePeakPI-SP3r3 1.0.0.9", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.6", }, { status: "unaffected", version: "CastlePeakWSPI-sWRX8 1.0.0.B", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 5000WX Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PicassoPI-FP5 1.0.0.F", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PollockPI-FT5 1.0.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PicassoPI-FP5 1.0.0.F", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RenoirPI-FP6 1.0.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "MendocinoPI-FT6 1.0.0.4", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R1000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP5 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R2000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedR2KPI-FP5 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 5000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbAM4PI 1.0.0.3", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 7000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedAM5PI 1.0.0.0", }, ], }, { defaultStatus: "unaffected", product: "AMD Ryzen™ Embedded V1000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V2000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP6 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V3000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP7r2 1.0.0.5", }, ], }, ], datePublic: "2024-08-13T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\"> Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.<div><div><div>\n\n</div>\n\n</div>\n\n</div>\n\n\n\n\n\n</span>", }, ], value: "Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 1.9, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T16:52:55.976Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html", }, { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5002.html", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2023-20518", datePublished: "2024-08-13T16:52:55.976Z", dateReserved: "2022-10-27T18:53:39.736Z", dateUpdated: "2024-11-05T17:10:30.170Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }