5 results (0.012 seconds)

CVSS: 9.8EPSS: 0%CPEs: 236EXPL: 0

Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution. Un control de acceso inadecuado en System Management Mode (SMM) puede permitir que un atacante escriba en la ROM SPI, lo que podría provocar la ejecución de código arbitrario. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001 •

CVSS: 9.8EPSS: 0%CPEs: 230EXPL: 0

Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution. No validar el búfer de comunicación AMD SMM puede permitir que un atacante corrompa la SMRAM, lo que podría provocar la ejecución de código arbitrario. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002 https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002 https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001 • CWE-20: Improper Input Validation •

CVSS: 8.8EPSS: 0%CPEs: 216EXPL: 0

Insufficient input validation in ABL may enable a privileged attacker to corrupt ASP memory, potentially resulting in a loss of integrity or code execution. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 156EXPL: 0

Insufficient input validation in ASP may allow an attacker with a compromised SMM to induce out-of-bounds memory reads within the ASP, potentially leading to a denial of service. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 • CWE-125: Out-of-bounds Read •

CVSS: 9.1EPSS: 0%CPEs: 356EXPL: 0

Failure to validate the length fields of the ASP (AMD Secure Processor) sensor fusion hub headers may allow an attacker with a malicious Uapp or ABL to map the ASP sensor fusion hub region and overwrite data structures leading to a potential loss of confidentiality and integrity. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 •