FKIE_CVE-2022-23815
Vulnerability from fkie_nvd - Published: 2024-08-13 17:15 - Updated: 2025-03-18 21:15
Severity ?
7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@amd.com | https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4004.html | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:athlon_silver_3050u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03194384-10A2-4B6D-BED1-C01908249969",
"versionEndExcluding": "picassopi-fp5_1.0.0.e",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:athlon_silver_3050u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFF28BE-F049-4716-AADE-643FABB753A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:athlon_gold_3150u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5752E4C7-FB24-4E31-ABB0-EB9F09AEECCC",
"versionEndExcluding": "picassopi-fp5_1.0.0.e",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:athlon_gold_3150u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57E11A9D-03EC-4014-BB1C-5286C694581B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:ryzen_7_3780u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56FC4E22-6DCE-4DF0-A30E-B7574BE36FD6",
"versionEndExcluding": "picassopi-fp5_1.0.0.e",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:ryzen_7_3780u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E677F6F8-3F5A-4457-8B66-D5C06DA4CB4E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:ryzen_7_3750h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "235E9B6E-4C2F-4C97-8E56-4ECD4B9D1969",
"versionEndExcluding": "picassopi-fp5_1.0.0.e",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:ryzen_7_3750h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "228E3FBD-F997-402D-AE96-B14D66390700",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:ryzen_7_pro_3700u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D532BCD-50E7-41AC-91D3-A0135F2266EE",
"versionEndExcluding": "picassopi-fp5_1.0.0.e",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:ryzen_7_pro_3700u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BE1C3A6-06F5-4448-B7BE-54EED3672BBB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:ryzen_7_3700u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CC0AC2E-CA16-46E5-A703-8DCD3EF82425",
"versionEndExcluding": "picassopi-fp5_1.0.0.e",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:ryzen_7_3700u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C201AA2-D2FC-4240-A8F0-B8C55D7CCE31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:ryzen_5_3580u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3770F180-FB7C-410F-B49D-D30AA05326BC",
"versionEndExcluding": "picassopi-fp5_1.0.0.e",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:ryzen_5_3580u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE2EC993-8A65-416B-939F-1C707D596AF9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:ryzen_5_3550h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15FE9FAE-DEC6-42FA-8622-3D5B0C845928",
"versionEndExcluding": "picassopi-fp5_1.0.0.e",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:ryzen_5_3550h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8C6F103-30CC-4738-B489-B12790836B1A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:ryzen_5_3500u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E25EF8F6-B5F3-478C-9AB5-60B29497D2F7",
"versionEndExcluding": "picassopi-fp5_1.0.0.e",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:ryzen_5_3500u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDAE070-C41A-4D8C-BE0D-DBD434760749",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:ryzen_3_3300u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3C5BE3C-6F3F-45A3-9F5C-A72CE30B3656",
"versionEndExcluding": "picassopi-fp5_1.0.0.e",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:ryzen_3_3300u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9921AE2D-F497-47C8-B463-947E230CF4F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:ryzen_3_3250u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD8FA542-D8A5-4C7F-BF80-E79CE90D7D76",
"versionEndExcluding": "picassopi-fp5_1.0.0.e",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:ryzen_3_3250u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0C29793-1142-4506-8C32-3B89227BB3A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:ryzen_3_3200u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6F0F843-A668-4BA3-9111-491BD115E0DA",
"versionEndExcluding": "picassopi-fp5_1.0.0.e",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:ryzen_3_3200u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8921CB70-EE2E-4E18-8E6C-52B505E2D2E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:athlon_gold_pro_3150g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "420E8314-35B8-4A12-AD42-3914EBA51D4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:athlon_gold_pro_3150g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE0FB0AF-E942-4257-A9F2-8077A753A169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:athlon_gold_3150g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD375C2E-B976-4DAE-BF89-EFED1482DB28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:athlon_gold_3150g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE68ECE-5298-4BC1-AC24-5CF613389CDC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:athlon_gold_pro_3150ge_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D689C088-F1F1-4368-B6AE-75D3F9582FB1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:athlon_gold_pro_3150ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E09DC414-96EE-478E-847C-7ACB5915659B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amd:athlon_pro_300ge_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52DFA8C8-AD16-45B1-934F-AEE78C51DDAC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:amd:athlon_pro_300ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F521757-7ABC-4CEB-AD06-2FD738216E8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution."
},
{
"lang": "es",
"value": "Una verificaci\u00f3n de los l\u00edmites inadecuada en el firmware APCB puede permitir que un atacante realice una escritura fuera de los l\u00edmites, corrompiendo la entrada APCB y potencialmente llevando a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2022-23815",
"lastModified": "2025-03-18T21:15:23.087",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0,
"source": "psirt@amd.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-13T17:15:18.197",
"references": [
{
"source": "psirt@amd.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4004.html"
}
],
"sourceIdentifier": "psirt@amd.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…