Vulnerabilites related to AMD - AMD Ryzen™ Embedded V2000 Series Processors
CVE-2021-26344 (GCVE-0-2021-26344)
Vulnerability from cvelistv5
Published
2024-08-13 16:49
Modified
2025-03-18 15:35
Severity ?
EPSS score ?
Summary
An out of bounds memory write when processing the AMD
PSP1 Configuration Block (APCB) could allow an attacker with access the ability
to modify the BIOS image, and the ability to sign the resulting image, to
potentially modify the APCB block resulting in arbitrary code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html | vendor-advisory |
Impacted products
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:h:amd:naplespi:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "naplespi", vendor: "amd", versions: [ { lessThan: "1.0.0.k", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:amd:romepi:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "romepi", vendor: "amd", versions: [ { lessThan: "1.0.0.C", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:amd:milanpi:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "milanpi", vendor: "amd", versions: [ { lessThan: "1.0.0.5", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2021-26344", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-08-13T18:29:11.333464Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-18T15:35:45.232Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "AMD EPYC™ 7001 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 7002 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "RomePI 1.0.0.C", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 7003 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "MilanPI 1.0.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4V2 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4V2 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ 3000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 5000WX Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "MendocinoPI-FT6 1.0.0.3", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.7", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.7", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7002 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbRomePI-SP3 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 3000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "Various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7003 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbMilanPI-SP3 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R1000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "v", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R2000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "v", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 5000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "v", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V1000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "v", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V2000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "v", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V3000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP7r2 1.0.0.4", }, ], }, ], datePublic: "2024-08-13T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">An out of bounds memory write when processing the AMD\nPSP1 Configuration Block (APCB) could allow an attacker with access the ability\nto modify the BIOS image, and the ability to sign the resulting image, to\npotentially modify the APCB block resulting in arbitrary code execution.\n\n\n\n<div><div><div>\n\n</div>\n\n</div>\n\n</div>\n\n\n\n\n\n</span>", }, ], value: "An out of bounds memory write when processing the AMD\nPSP1 Configuration Block (APCB) could allow an attacker with access the ability\nto modify the BIOS image, and the ability to sign the resulting image, to\npotentially modify the APCB block resulting in arbitrary code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T16:49:52.889Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2021-26344", datePublished: "2024-08-13T16:49:52.889Z", dateReserved: "2021-01-29T21:24:26.145Z", dateUpdated: "2025-03-18T15:35:45.232Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-23817 (GCVE-0-2022-23817)
Vulnerability from cvelistv5
Published
2024-08-13 16:51
Modified
2024-08-16 20:27
Severity ?
EPSS score ?
Summary
Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space, potentially leading to privilege escalation.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | AMD Ryzen™ 3000 Series Desktop Processors | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:amd:ryzen_9_3900_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_3900x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_3900xt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_3950x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_3700x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_3800x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_3800xt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3500x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3600_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3600x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3600xt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_3100_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_3300x_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_3_3300x_firmware", vendor: "amd", versions: [ { lessThan: "comboam4v2_1.2.0.a", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_7_3700c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_3700u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_3750h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_3780u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3450u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3500c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3500u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3550h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3580u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_3350u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_3300u_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_3_3300u_firmware", vendor: "amd", versions: [ { lessThan: "picassopi-fp5_1.0.0.e", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_7_4700g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_4700ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_4600ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_4600g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_4300ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_4300g_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_3_pro_3200g_firmware", vendor: "amd", versions: [ { lessThan: "comboam4v2_pi_1.2.0.8", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_5_7500f_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_5_7500f_firmware", vendor: "amd", versions: [ { lessThan: "comboam5_1.0.8.0", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_threadripper_3960x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_threadripper_3970x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_threadripper_3990x_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_threadripper_pro_3995wx_firmware", vendor: "amd", versions: [ { lessThan: "castlepeakpi-sp3r3_1.0.0.8", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_threadripper_pro_3945wx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_threadripper_pro_3955wx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_threadripper_pro_3975wx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_threadripper_pro_3995wx_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_threadripper_pro_3995wx_firmware", vendor: "amd", versions: [ { lessThan: "castlepeakwspi-swrx8_1.0.0.a", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_threadripper_pro_5945wx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_threadripper_pro_5955wx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_threadripper_pro_5965wx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_threadripper_pro_5975wx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_threadripper_pro_5995wx_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_threadripper_pro_5995wx_firmware", vendor: "amd", versions: [ { lessThan: "chagallwspi-swrx8_1.0.0.5", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_9_4900h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_4900hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_4700u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_4800h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_4800hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_4800u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_4980u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_4500u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_4600h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_4600hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_4600u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_4680u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_4300u_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_3_4300u_firmware", vendor: "amd", versions: [ { lessThan: "renoirpi-fp6_1.0.0.a", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_9_6900hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_6900hx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_6980hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_6980hx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_6800h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_6800hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_6800u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_6600h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_6600hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_6600u_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_5_6600u_firmware", vendor: "amd", versions: [ { lessThan: "rembrandtpi-fp7_1.0.0.5", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_7_7735hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_7735u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_7736u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_7535hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_7535u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_7335u_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_3_7335u_firmware", vendor: "amd", versions: [ { lessThan: "rembrandtpi-fp7_1.0.0.5", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_9_7945hx3d_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_7945hx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_7845hx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_7745hx_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_7_7745hx_firmware", vendor: "amd", versions: [ { lessThan: "dragonrangefl1pi_1.0.0.3b", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_9_5900_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_5900x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_5950x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5700_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5700x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5800_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5800x3d_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5800x_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5600_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5600x3d_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5600x_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_5_5600x_firmware", vendor: "amd", versions: [ { lessThan: "comboam4v2_pi_1.2.0.8", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_pro_3350ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_pro_3350g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_pro_3400ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_pro_3400g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_3200g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_pro_3200ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_pro_3200g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5700ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5700g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5500gt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5600ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5600g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5600gt_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5300ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_5300g_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_3_5300g_firmware", vendor: "amd", versions: [ { lessThan: "cezannepi-fp6_1.0.0.c", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:ryzen_9_5900hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_5900hx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_5980hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_9_5980hx_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5800h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5800hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5800u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_7_5825u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5500h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5560u_firmware:cezannepi-fp6_1.0.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5600h_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5600hs_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5600u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_5_5625u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_5125c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_5400u_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:ryzen_3_5425c_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "ryzen_3_5425c_firmware", vendor: "amd", versions: [ { lessThan: "cezannepi-fp6_1.0.0.c", status: "unaffected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:amd:athlon_3000g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:athlon_gold_3150ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:athlon_gold_pro_3150ge_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:athlon_gold_pro_3150g_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:amd:athlon_pro_300ge_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "affected", product: "athlon_pro_300ge_firmware", vendor: "amd", versions: [ { lessThan: "picassopi-fp5_1.0.0.e", status: "unaffected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2022-23817", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-08-13T17:51:43.434721Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-16T20:27:19.545Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4V1 1.0.0.A/ComboAM4V2 1.2.0.9", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM5 1.0.8.0", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4PI 1.0.0.9", }, { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ 3000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "CastlePeakPI-SP3r3 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.5", }, { status: "unaffected", version: "CastlePeakWSPI-sWRX8 1.0.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 5000WX Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PicassoPI-FP5 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PollockPI-FT5 1.0.0.4", }, ], }, { defaultStatus: "unaffected", product: "AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PicassoPI-FP5 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RenoirPI-FP6 1.0.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7045 Series Mobile Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "DragonRangeFL1PI 1.0.0.3b", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R1000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP5 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R2000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedR2KPI-FP5 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 5000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbAM4PI 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 7000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedAM5PI 1.0.0.0", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V1000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP5 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V2000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP6 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V3000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP7r2 1.0.0.2", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space, potentially leading to privilege escalation.", }, ], value: "Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space, potentially leading to privilege escalation.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T16:51:45.468Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4004.html", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2022-23817", datePublished: "2024-08-13T16:51:45.468Z", dateReserved: "2022-01-21T17:14:12.302Z", dateUpdated: "2024-08-16T20:27:19.545Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2023-20518 (GCVE-0-2023-20518)
Vulnerability from cvelistv5
Published
2024-08-13 16:52
Modified
2024-11-05 17:10
Severity ?
EPSS score ?
Summary
Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | AMD EPYC™ 9004 Series Processors | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-20518", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-15T14:20:09.090291Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-459", description: "CWE-459 Incomplete Cleanup", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-05T17:10:30.170Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "AMD EPYC™ 9004 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "GenoaPI 1.0.0.4", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4V1 1.0.0.A", }, { status: "unaffected", version: "ComboAM4V2 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4V2 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4V2 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM5 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4V2 1.2.0.A", }, { status: "unaffected", version: "ComboAM4V1 1.0.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4V2 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ 3000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "CastlePeakPI-SP3r3 1.0.0.9", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.6", }, { status: "unaffected", version: "CastlePeakWSPI-sWRX8 1.0.0.B", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 5000WX Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PicassoPI-FP5 1.0.0.F", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PollockPI-FT5 1.0.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PicassoPI-FP5 1.0.0.F", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RenoirPI-FP6 1.0.0.C", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "MendocinoPI-FT6 1.0.0.4", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R1000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP5 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R2000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedR2KPI-FP5 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 5000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbAM4PI 1.0.0.3", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 7000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedAM5PI 1.0.0.0", }, ], }, { defaultStatus: "unaffected", product: "AMD Ryzen™ Embedded V1000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V2000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP6 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V3000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP7r2 1.0.0.5", }, ], }, ], datePublic: "2024-08-13T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\"> Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.<div><div><div>\n\n</div>\n\n</div>\n\n</div>\n\n\n\n\n\n</span>", }, ], value: "Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 1.9, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T16:52:55.976Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html", }, { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5002.html", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2023-20518", datePublished: "2024-08-13T16:52:55.976Z", dateReserved: "2022-10-27T18:53:39.736Z", dateUpdated: "2024-11-05T17:10:30.170Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-26387 (GCVE-0-2021-26387)
Vulnerability from cvelistv5
Published
2024-08-13 16:50
Modified
2024-10-30 17:59
Severity ?
EPSS score ?
Summary
Insufficient access controls in ASP kernel may allow a
privileged attacker with access to AMD signing keys and the BIOS menu or UEFI
shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | AMD EPYC™ 7001 Series Processors |
Version: various |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2021-26387", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-14T15:47:34.441746Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-863", description: "CWE-863 Incorrect Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-30T17:59:30.394Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", packageName: "PI", product: "AMD EPYC™ 7001 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 7002 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 7003 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 9004 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4PI 1.0.0.9", }, { status: "unaffected", version: "ComboAM4 V2 PI 1.2.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4 V2 PI 1.2.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM5 1.0.8.0", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4PI 1.0.0.9", }, { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ 3000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "CastlePeakPI-SP3r3 1.0.0.7", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.2", }, { status: "unaffected", version: "CastlePeakWSPI-sWRX8 1.0.0.9", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 5000WX Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PicassoPI-FP5 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PollockPI-FT5 1.0.0.4", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PicassoPI-FP5 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RenoirPI-FP6 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.9", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.9", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.9b", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.9b", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.9", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.9", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 3000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7002 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7003 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 9003 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R1000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP5 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R2000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedR2KPI-FP5 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 5000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbAM4PI 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V1000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP5 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V2000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP6 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V3000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP7r2 1.0.0.9", }, ], }, ], datePublic: "2024-08-13T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Insufficient access controls in ASP kernel may allow a\nprivileged attacker with access to AMD signing keys and the BIOS menu or UEFI\nshell to map DRAM regions in protected <a target=\"_blank\" rel=\"nofollow\">areas,</a> potentially leading to a loss of platform integrity.<div><div><div>\n\n</div>\n\n</div>\n\n</div>\n\n\n\n\n\n</span>", }, ], value: "Insufficient access controls in ASP kernel may allow a\nprivileged attacker with access to AMD signing keys and the BIOS menu or UEFI\nshell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T16:50:22.151Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html", }, { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5002.html", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2021-26387", datePublished: "2024-08-13T16:50:22.151Z", dateReserved: "2021-01-29T21:24:26.161Z", dateUpdated: "2024-10-30T17:59:30.394Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-46746 (GCVE-0-2021-46746)
Vulnerability from cvelistv5
Published
2024-08-13 16:50
Modified
2024-10-31 13:57
Severity ?
EPSS score ?
Summary
Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing
keys to c006Frrupt the return address, causing a
stack-based buffer overrun, potentially leading to a denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | AMD EPYC™ 7001 Processors |
Version: various |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2021-46746", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-14T16:06:22.367564Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-31T13:57:25.237Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "AMD EPYC™ 7001 Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 7002 Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 7003 Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 9004 Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4PI 1.0.0.9", }, { status: "unaffected", version: "ComboAM4 V2 PI 1.2.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4V2 PI 1.2.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "affected", version: "ComboAM5 1.0.8.0", }, ], }, { defaultStatus: "unaffected", product: "AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4PI 1.0.0.9", }, { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ 3000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "CastlePeakPI-SP3r3 1.0.0.7", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.2", }, { status: "unaffected", version: "CastlePeakWSPI-sWRX8 1.0.0.9", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 5000WX Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PicassoPI-FP5 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "PollockPI-FT5 1.0.0.4", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PicassoPI-FP5 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RenoirPI-FP6 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "MendocinoPI-FT6 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7045 Series Mobile Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "DragonRangeFL1PI 1.0.0.3b", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 3000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7002 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7003 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 9003 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R1000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP5 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R2000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedR2KPI-FP5 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 5000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbAM4PI 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 7000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedAM5PI 1.0.0.0", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V1000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP5 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V2000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP6 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V3000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP7r2 1.0.0.2", }, ], }, ], datePublic: "2024-08-13T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (<a target=\"_blank\" rel=\"nofollow\">TEE</a>) may allow a privileged attacker with access to AMD signing\nkeys to c006Frrupt the return address, causing a\nstack-based buffer overrun, <a target=\"_blank\" rel=\"nofollow\">potentially</a> leading to a denial of service.<div><div><div>\n\n</div>\n\n</div>\n\n</div>\n\n\n\n\n\n<div><div><div>\n\n</div>\n\n</div>\n\n</div>\n\n\n\n\n\n</span>", }, ], value: "Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing\nkeys to c006Frrupt the return address, causing a\nstack-based buffer overrun, potentially leading to a denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T16:50:51.023Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2021-46746", datePublished: "2024-08-13T16:50:51.023Z", dateReserved: "2022-03-31T16:50:27.864Z", dateUpdated: "2024-10-31T13:57:25.237Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-46772 (GCVE-0-2021-46772)
Vulnerability from cvelistv5
Published
2024-08-13 16:50
Modified
2024-11-05 21:18
Severity ?
EPSS score ?
Summary
Insufficient input validation in the ABL may allow a privileged
attacker with access to the BIOS menu or UEFI shell to tamper with the
structure headers in SPI ROM causing an out of bounds memory read and write,
potentially resulting in memory corruption or denial of service.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | AMD EPYC™ 7002 Series Processors | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2021-46772", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-15T14:19:27.997821Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-05T21:18:50.631Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "AMD EPYC™ 7002 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "RomePI 1.0.0.E", versionType: "PI", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ 7003 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "MilanPI 1.0.0.9", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4V2 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "ComboAM4V2 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ 3000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Threadripper™ PRO 5000WX Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "ChagallWSPI-sWRX8 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "MendocinoPI-FT6 1.0.0.3", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.7", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RembrandtPI-FP7 1.0.0.7", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7002 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbRomePI-SP3 1.0.0.8", }, ], }, { defaultStatus: "affected", product: "AMD EPYC™ Embedded 7003 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbMilanPI-SP3 1.0.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R1000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R2000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded 5000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V1000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V2000 Series Processors", vendor: "AMD", versions: [ { status: "affected", version: "various", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V3000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP7r2 1.0.0.4", }, ], }, ], datePublic: "2024-08-13T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">Insufficient input validation in the ABL may allow a privileged\nattacker with access to the BIOS menu or UEFI shell to tamper with the\nstructure headers in SPI ROM causing an out of bounds memory read and write,\npotentially resulting in memory corruption or denial of service.\n\n\n\n<div><div><div>\n\n</div>\n\n</div>\n\n</div>\n\n\n\n\n\n</span>", }, ], value: "Insufficient input validation in the ABL may allow a privileged\nattacker with access to the BIOS menu or UEFI shell to tamper with the\nstructure headers in SPI ROM causing an out of bounds memory read and write,\npotentially resulting in memory corruption or denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T16:50:54.016Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { tags: [ "vendor-advisory", ], url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html", }, { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4004.html", }, { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5002.html", }, ], source: { advisory: "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2021-46772", datePublished: "2024-08-13T16:50:54.016Z", dateReserved: "2022-03-31T16:50:27.872Z", dateUpdated: "2024-11-05T21:18:50.631Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-26367 (GCVE-0-2021-26367)
Vulnerability from cvelistv5
Published
2024-08-13 16:50
Modified
2024-12-04 16:25
Severity ?
EPSS score ?
Summary
A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2021-26367", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-13T18:04:31.680686Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE-noinfo Not enough information", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-04T16:25:09.987Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4PI 1.0.0.9", }, { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.8", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "ComboAM4v2 PI 1.2.0.5", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PicassoPI-FP5 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PollockPI-FT5 1.0.0.4", }, ], }, { defaultStatus: "unaffected", product: "AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "PicassoPI-FP5 1.0.0.E", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "RenoirPI-FP6 1.0.0.7", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.6", }, ], }, { defaultStatus: "unaffected", product: "AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics", vendor: "AMD", versions: [ { status: "unaffected", version: "CezannePI-FP6 1.0.0.6", }, ], }, { defaultStatus: "affected", product: "AMD Radeon™ RX 6000 Series Graphics Cards", vendor: "AMD", versions: [ { status: "unaffected", version: "AMD Software: Adrenalin Edition 23.12.1 (23.30.13.01)", }, ], }, { defaultStatus: "affected", product: "AMD Radeon™ PRO W6000 Series Graphics Cards", vendor: "AMD", versions: [ { status: "unaffected", version: "AMD Software: PRO Edition 23.Q4 (23.30.13.03)", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R1000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP5 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded R2000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedR2KPI-FP5 1.0.0.2", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V1000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP5 1.2.0.A", }, ], }, { defaultStatus: "affected", product: "AMD Ryzen™ Embedded V2000 Series Processors", vendor: "AMD", versions: [ { status: "unaffected", version: "EmbeddedPI-FP6 1.0.0.6", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability.", }, ], value: "A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T16:50:05.825Z", orgId: "b58fc414-a1e4-4f92-9d70-1add41838648", shortName: "AMD", }, references: [ { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4004.html", }, { url: "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "b58fc414-a1e4-4f92-9d70-1add41838648", assignerShortName: "AMD", cveId: "CVE-2021-26367", datePublished: "2024-08-13T16:50:05.825Z", dateReserved: "2021-01-29T21:24:26.151Z", dateUpdated: "2024-12-04T16:25:09.987Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }