CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2018-8931
https://notcve.org/view.php?id=CVE-2018-8931
The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-1. Los chips de procesamiento de AMD Ryzen, Ryzen Pro y Ryzen Mobile tienen un control de acceso insuficiente para Secure Processor. Esto se conoce como RYZENFALL-1. • https://amdflaws.com https://blog.trailofbits.com/2018/03/15/amd-flaws-technical-summary https://community.amd.com/community/amd-corporate/blog/2018/03/21/initial-amd-technical-assessment-of-cts-labs-research https://safefirmware.com/amdflaws_whitepaper.pdf • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2018-8936
https://notcve.org/view.php?id=CVE-2018-8936
The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips allow Platform Security Processor (PSP) privilege escalation. Los chips de procesamiento de AMD EPYC Server, Ryzen, Ryzen Pro y Ryzen Mobile permiten el escalado de privilegios de Platform Security Processor (PSP). • https://amdflaws.com https://blog.trailofbits.com/2018/03/15/amd-flaws-technical-summary https://community.amd.com/community/amd-corporate/blog/2018/03/21/initial-amd-technical-assessment-of-cts-labs-research https://safefirmware.com/amdflaws_whitepaper.pdf •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2018-8935
https://notcve.org/view.php?id=CVE-2018-8935
The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in the ASIC, aka CHIMERA-HW. El chipset Promontory, tal y como se utiliza en plataformas AMD Ryzen y Ryzen Pro, tiene una puerta trasera en el ASIC. Esto también se conoce como CHIMERA-FW. • https://amdflaws.com https://blog.trailofbits.com/2018/03/15/amd-flaws-technical-summary https://community.amd.com/community/amd-corporate/blog/2018/03/21/initial-amd-technical-assessment-of-cts-labs-research https://safefirmware.com/amdflaws_whitepaper.pdf •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2018-8930
https://notcve.org/view.php?id=CVE-2018-8930
The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka MASTERKEY-1, MASTERKEY-2, and MASTERKEY-3. Los chips de procesamiento de AMD EPYC Server, Ryzen, Ryzen Pro y Ryzen Mobile no aplican Hardware Validated Boot lo suficiente. Esto también se conoce como MASTERKEY-1, MASTERKEY-2 y MASTERKEY-3. • https://amdflaws.com https://blog.trailofbits.com/2018/03/15/amd-flaws-technical-summary https://community.amd.com/community/amd-corporate/blog/2018/03/21/initial-amd-technical-assessment-of-cts-labs-research https://safefirmware.com/amdflaws_whitepaper.pdf https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03841en_us •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2018-8932
https://notcve.org/view.php?id=CVE-2018-8932
The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and RYZENFALL-4. Los chips de procesamiento de AMD Ryzen y Ryzen Pro tienen un control de acceso insuficiente para Secure Processor. Esto se conoce como RYZENFALL-2, RYZENFALL-3 y RYZENFALL-4. • https://amdflaws.com https://blog.trailofbits.com/2018/03/15/amd-flaws-technical-summary https://community.amd.com/community/amd-corporate/blog/2018/03/21/initial-amd-technical-assessment-of-cts-labs-research https://safefirmware.com/amdflaws_whitepaper.pdf • CWE-732: Incorrect Permission Assignment for Critical Resource •