Amd Ryzen Embedded 5000 vulnerabilities
9 known vulnerabilities affecting amd/amd_ryzen_embedded_5000.
Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH8
Vulnerabilities
Page 1 of 1
CVE-2023-31315HIGHCVSS 7.5vvarious2024-08-12
CVE-2023-31315 [HIGH] CWE-94 CVE-2023-31315: Improper validation in a model specific register (MSR) could allow a malicious program with ring0 ac
Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution.
cvelistv5nvd
CVE-2021-46757HIGHCVSS 7.8vvarious2024-02-13
CVE-2021-46757 [HIGH] CWE-119 CVE-2021-46757: Insufficient checking of memory buffer in ASP
Secure OS may allow an attacker with a malicious TA to
Insufficient checking of memory buffer in ASP
Secure OS may allow an attacker with a malicious TA to read/write to the ASP
Secure OS kernel virtual address space potentially leading to privilege
escalation.
cvelistv5nvd
CVE-2022-23821CRITICALCVSS 9.8vvarious 2023-11-14
CVE-2022-23821 [CRITICAL] CVE-2022-23821: Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM po
Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution.
cvelistv5nvd
CVE-2023-20563HIGHCVSS 7.8vvarious 2023-11-14
CVE-2023-20563 [HIGH] CWE-269 CVE-2023-20563: Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially e
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
cvelistv5nvd
CVE-2021-46774HIGHCVSS 7.5vvarious2023-11-14
CVE-2021-46774 [HIGH] CVE-2021-46774: Insufficient DRAM address validation in System
Management Unit (SMU) may allow an attacker to read/w
Insufficient DRAM address validation in System
Management Unit (SMU) may allow an attacker to read/write from/to an invalid
DRAM address, potentially resulting in denial-of-service.
cvelistv5nvd
CVE-2023-20533HIGHCVSS 7.5vvarious2023-11-14
CVE-2023-20533 [HIGH] CVE-2023-20533: Insufficient DRAM address validation in System
Management Unit (SMU) may allow an attacker to read/w
Insufficient DRAM address validation in System
Management Unit (SMU) may allow an attacker to read/write from/to an invalid
DRAM address, potentially resulting in denial-of-service.
cvelistv5nvd
CVE-2020-12931HIGHCVSS 7.8vvarious2022-11-09
CVE-2020-12931 [HIGH] CVE-2020-12931: Improper parameters handling in the AMD Secure Processor (ASP) kernel may allow a privileged attacke
Improper parameters handling in the AMD Secure Processor (ASP) kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.
cvelistv5nvd
CVE-2020-12930HIGHCVSS 7.8vvarious2022-11-09
CVE-2020-12930 [HIGH] CVE-2020-12930: Improper parameters handling in AMD Secure Processor (ASP) drivers may allow a privileged attacker t
Improper parameters handling in AMD Secure Processor (ASP) drivers may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.
cvelistv5nvd
CVE-2021-26392HIGHCVSS 7.8vvarious2022-11-09
CVE-2021-26392 [HIGH] CWE-787 CVE-2021-26392: Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write p
Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a malicious TA.
cvelistv5nvd