Page 2 of 8 results (0.006 seconds)

CVSS: 9.1EPSS: 0%CPEs: 336EXPL: 0

Insufficient input validation in the ASP (AMD Secure Processor) bootloader may allow an attacker with a compromised Uapp or ABL to coerce the bootloader into exposing sensitive information to the SMU (System Management Unit) resulting in a potential loss of confidentiality and integrity. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001 • CWE-20: Improper Input Validation •

CVSS: 9.1EPSS: 0%CPEs: 356EXPL: 0

Failure to validate the length fields of the ASP (AMD Secure Processor) sensor fusion hub headers may allow an attacker with a malicious Uapp or ABL to map the ASP sensor fusion hub region and overwrite data structures leading to a potential loss of confidentiality and integrity. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 •

CVSS: 7.5EPSS: 0%CPEs: 336EXPL: 0

Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 • CWE-125: Out-of-bounds Read •