Vulnerability-Lookup - Search a vulnerability

Vulnerabilites related to AMD - AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics

cve-2023-31342

Vulnerability from cvelistv5

Published

2025-02-11 22:24

Modified

2025-02-12 15:35

Severity ?

7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.

References

▼	URL	Tags
	https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html
	https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html
	https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3009.html

Impacted products

Vendor

Product

Version

▼

AMD

AMD EPYC™ 7003 Processors

	AMD	AMD EPYC™ 9004 Processors
	AMD	AMD Instinct™ MI300A
	AMD	AMD Ryzen™ 3000 Series Desktop Processors
	AMD	AMD Ryzen™ 5000 Series Desktop Processors
	AMD	AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics
	AMD	AMD Ryzen™ 7000 Series Desktop Processors
	AMD	AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics
	AMD	AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics
	AMD	AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics
	AMD	AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors
	AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics
	AMD	AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics
	AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics
	AMD	AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics
	AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics
	AMD	AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics
	AMD	AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics
	AMD	AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics
	AMD	AMD Ryzen™ 7000 Series Mobile Processors
	AMD	AMD EPYC™ Embedded 7003
	AMD	AMD EPYC™ Embedded 9004
	AMD	AMD Ryzen™ Embedded R1000
	AMD	AMD Ryzen™ Embedded R2000
	AMD	AMD Ryzen™ Embedded 5000
	AMD	AMD Ryzen™ Embedded 7000
	AMD	AMD Ryzen™ Embedded V2000
	AMD	AMD Ryzen™ Embedded V3000

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-31342",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-12T15:35:29.149040Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T15:35:57.126Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 7003 Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MilanPI 1.0.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9004 Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "GenoaPI 1.0.0.B"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI300A",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MI300API 1.0.0.5"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5 1.1.0.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5 1.1.0.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX- Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8 1.0.0.7"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Pollock-FT5 1.0.0.7"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Picasso-FP5 1.0.1.1"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RenoirPI-FP6 1.0.0.D"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Cezanne-FP6 1.0.1.0"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MendocinoPI-FT6 1.0.0.6"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Rembrandt-FP7 1.0.0.A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Rembrandt-FP7 1.0.0.A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PhoenixPI-FP8-FP7 1.1.0.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Mobile Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "DragonRangeFL1PI 1.0.0.3C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 7003",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbMilanPI-SP3  1.0.0.8"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 9004",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbGenoaPI-SP5 1.0.0.6"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R1000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5 1.2.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R2000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedR2KPI-FP5 1.0.0.3"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 5000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbAM4PI 1.0.0.5"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 7000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedAM5PI 1.0.0.1"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V2000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP6 1.0.0.9"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V3000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Embedded-PI FP7r2 1.0.0.9"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution."
            }
          ],
          "value": "Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-11T22:24:02.153Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3009.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2023-31342",
    "datePublished": "2025-02-11T22:24:02.153Z",
    "dateReserved": "2023-04-27T15:25:41.425Z",
    "dateUpdated": "2025-02-12T15:35:57.126Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-31345

Vulnerability from cvelistv5

Published

2025-02-11 23:49

Modified

2025-02-12 15:33

Severity ?

7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.

References

▼	URL	Tags
	https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html
	https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html
	https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3009.html

Impacted products

Vendor

Product

Version

▼

AMD

AMD EPYC™ 7003 Processors

Version: MilanPI 1.0.0.C

	AMD	AMD EPYC™ 9004 Processors
	AMD	AMD Instinct™ MI300A
	AMD	AMD Ryzen™ 3000 Series Desktop Processors
	AMD	AMD Ryzen™ 5000 Series Desktop Processors
	AMD	AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics
	AMD	AMD Ryzen™ 7000 Series Desktop Processors
	AMD	AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics
	AMD	AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics
	AMD	AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors
	AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics
	AMD	AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics
	AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics
	AMD	AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics
	AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics
	AMD	AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics
	AMD	AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics
	AMD	AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics
	AMD	AMD Ryzen™ 7000 Series Mobile Processors
	AMD	AMD EPYC™ Embedded 7003
	AMD	AMD EPYC™ Embedded 9004
	AMD	AMD Ryzen™ Embedded 5000
	AMD	AMD Ryzen™ Embedded 7000
	AMD	AMD Ryzen™ Embedded V2000
	AMD	AMD Ryzen™ Embedded V3000

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-31345",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-12T15:32:58.953979Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T15:33:04.071Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 7003 Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "MilanPI 1.0.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9004 Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "GenoaPI 1.0.0.B"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI300A",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MI300API 1.0.0.5"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5 1.1.0.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5 1.1.0.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX- Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8 1.0.0.7"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"Pollock-FT5 1.0.0.7\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"Picasso-FP5 1.0.1.1\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"RenoirPI-FP6 1.0.0.D\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"Cezanne-FP6 1.0.1.0\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"MendocinoPI-FT6 1.0.0.6\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"Rembrandt-FP7 1.0.0.A\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"Rembrandt-FP7 1.0.0.A\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"PhoenixPI-FP8-FP7 1.1.0.2\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Mobile Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"DragonRangeFL1PI 1.0.0.3C\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 7003",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"EmbMilanPI-SP3  1.0.0.8\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 9004",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbGenoaPI-SP5 1.0.0.6"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 5000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"EmbAM4PI 1.0.0.5\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 7000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedAM5PI 1.0.0.1"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V2000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"EmbeddedPI-FP6 1.0.0.9\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V3000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"Embedded-PI FP7r2 1.0.0.9\""
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution."
            }
          ],
          "value": "Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-11T23:49:05.388Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3009.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2023-31345",
    "datePublished": "2025-02-11T23:49:05.388Z",
    "dateReserved": "2023-04-27T15:25:41.427Z",
    "dateUpdated": "2025-02-12T15:33:04.071Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-21971

Vulnerability from cvelistv5

Published

2025-02-12 00:01

Modified

2025-02-12 15:32

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

Improper input validation in AMD Crash Defender could allow an attacker to provide the Windows® system process ID to a kernel-mode driver, resulting in an operating system crash, potentially leading to denial of service.

References

▼	URL	Tags
	https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6008.html

Impacted products

Vendor

Product

Version

▼

AMD

AMD Ryzen™ 5000 Series Desktop Processors

AMD	AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics
AMD	AMD Ryzen™ 7000 Series Desktop Processors
AMD	AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics	Version: AMD Software: PRO Edition 24.Q2 (23.19.16.01)
AMD	AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics
AMD	AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics
AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics
AMD	AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics
AMD	AMD Ryzen™ 7030 Series Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 7045 Series Mobile Processors
AMD	AMD Radeon™ RX 5000 Series Graphics Products
AMD	AMD Radeon™ PRO W5000 Series Graphics Products
AMD	AMD Radeon™ RX 7000 Series Graphics Products
AMD	AMD Radeon™ PRO W7000 Series Graphics Products
AMD	AMD Radeon™ VII
AMD	AMD Radeon™ PRO VII
AMD	AMD Radeon™ Instinct™ MI25
AMD	AMD Radeon™ PRO V520
AMD	AMD Radeon™ PRO V620
AMD	AMD Radeon™ PRO V710
AMD	AMD Ryzen™ Embedded R1000
AMD	AMD Ryzen™ Embedded R2000
AMD	AMD Ryzen™ Embedded 7000
AMD	AMD Ryzen™ Embedded V1000
AMD	AMD Ryzen™ Embedded V2000
AMD	AMD Ryzen™ Embedded V3000

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21971",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-12T15:32:03.493834Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T15:32:39.200Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (23.19.16.01)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (23.19.16.01)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "affected",
              "version": "AMD Software: PRO Edition 24.Q2 (23.19.16.01)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (23.19.16.01)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (23.19.16.01)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (23.19.16.01)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (23.19.16.01)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (23.19.16.01)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (23.19.16.01)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (23.19.16.01)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (23.19.16.01)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (23.19.16.01)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7030 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (23.19.16.01)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (23.19.16.01)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7045 Series Mobile Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (23.19.16.01)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (23.19.16.01)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (23.19.16.01)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 7000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (23.19.16.01)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W7000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (23.19.16.01)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 VII",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (23.19.16)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (23.19.16.01)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO VII",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (23.19.16)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (23.19.16.01)"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "AMD Radeon\u2122 Instinct\u2122 MI25",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unknown",
              "version": "Contact your AMD Customer  Engineering representative"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "AMD Radeon\u2122 PRO V520",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unknown",
              "version": "Contact your AMD Customer  Engineering representative"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "AMD Radeon\u2122 PRO V620",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unknown",
              "version": "Contact your AMD Customer  Engineering representative"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "AMD Radeon\u2122 PRO V710",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unknown",
              "version": "Contact your AMD Customer  Engineering representative"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R1000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "24.10.21.01"
            },
            {
              "status": "unaffected",
              "version": "23.19.16"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R2000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "24.10.21.01"
            },
            {
              "status": "unaffected",
              "version": "23.19.16"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 7000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "24.10.21.01"
            },
            {
              "status": "unaffected",
              "version": "23.19.16"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "24.10.21.01"
            },
            {
              "status": "unaffected",
              "version": "23.19.16"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V2000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "24.10.21.01"
            },
            {
              "status": "unaffected",
              "version": "23.19.16"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V3000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "24.10.21.01"
            },
            {
              "status": "unaffected",
              "version": "23.19.16"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper input validation in AMD Crash Defender could allow an attacker to provide the Windows\u00ae system process ID to a kernel-mode driver, resulting in an operating system crash, potentially leading to denial of service."
            }
          ],
          "value": "Improper input validation in AMD Crash Defender could allow an attacker to provide the Windows\u00ae system process ID to a kernel-mode driver, resulting in an operating system crash, potentially leading to denial of service."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-12T00:05:50.860Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6008.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2024-21971",
    "datePublished": "2025-02-12T00:01:00.419Z",
    "dateReserved": "2024-01-03T16:43:28.699Z",
    "dateUpdated": "2025-02-12T15:32:39.200Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-31315

Vulnerability from cvelistv5

Published

2024-08-09 17:08

Modified

2024-09-12 12:56

Severity ?

7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution.

References

▼	URL	Tags
	https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html	vendor-advisory

Impacted products

Vendor

Product

Version

▼

AMD

3rd Gen AMD EPYC™ Processors

Version: various

AMD	1st Gen AMD EPYC™ Processors	Version: various
AMD	2nd Gen AMD EPYC™ Processors	Version: various
AMD	4th Gen AMD EPYC™ Processors
AMD	AMD EPYC™ Embedded 3000	Version: various
AMD	AMD EPYC™ Embedded 7002	Version: various
AMD	AMD EPYC™ Embedded 7003	Version: various
AMD	AMD EPYC™ Embedded 9003
AMD	AMD Ryzen™ Embedded R1000	Version: various
AMD	AMD Ryzen™ Embedded R2000	Version: various
AMD	AMD Ryzen™ Embedded 5000	Version: various
AMD	AMD Ryzen™ Embedded 7000	Version: various
AMD	AMD Ryzen™ Embedded V1000	Version: various
AMD	AMD Ryzen™ Embedded V2000	Version: various
AMD	AMD Ryzen™ Embedded V3000	Version: various
AMD	AMD Ryzen™ 3000 Series Desktop Processors	Version: various
AMD	AMD Ryzen™ 5000 Series Desktop Processors
AMD	AMD Ryzen™ 5000 Series Desktop processor with Radeon™ Graphics
AMD	AMD Ryzen™ 7000 Series Desktop Processors	Version: various
AMD	AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics	Version: various
AMD	AMD Ryzen™ Threadripper™ 3000 Series Processors	Version: various
AMD	AMD Ryzen™ Threadripper™ PRO Processors	Version: various
AMD	AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics	Version: various
AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics	Version: various
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 7045 Series Mobile Processors
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics	Version: various
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 8000 Series Processors with Radeon™ Graphics

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-09-12T12:56:32.250Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.darkreading.com/remote-workforce/amd-issues-updates-for-silicon-level-sinkclose-flaw"
          },
          {
            "url": "https://media.defcon.org/DEF%20CON%2032/DEF%20CON%2032%20presentations/DEF%20CON%2032%20-%20Enrique%20Nissim%20Krzysztof%20Okupski%20-%20AMD%20Sinkclose%20Universal%20Ring-2%20Privilege%20Escalation.pdf"
          },
          {
            "url": "https://news.ycombinator.com/item?id=41475975"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:amd:1st_gen_amd_epyc_processors:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "1st_gen_amd_epyc_processors",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "naples.pi.1.0.0.m",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:amd:3rd_gen_amd_epyc_processors:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "3rd_gen_amd_epyc_processors",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "milan.pi.1.0.0.d",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:amd:2nd_gen_amd_epyc_processors:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "2nd_gen_amd_epyc_processors",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "rome.pi.1.0.0.j",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_3000_series_desktop_processors:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_3000_series_desktop_processors",
            "vendor": "amd",
            "versions": [
              {
                "status": "affected",
                "version": "various"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:amd:4th_gen_amd_epyc_processors:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "4th_gen_amd_epyc_processors",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "genoa_pi_1.0.0.c",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:epyc_embedded_3000:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "epyc_embedded_3000",
            "vendor": "amd",
            "versions": [
              {
                "status": "affected",
                "version": "various"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:epyc_embedded_7002:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "epyc_embedded_7002",
            "vendor": "amd",
            "versions": [
              {
                "status": "affected",
                "version": "various"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:epyc_embedded_7003:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "epyc_embedded_7003",
            "vendor": "amd",
            "versions": [
              {
                "status": "affected",
                "version": "various"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:epyc_embedded_9003:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "epyc_embedded_9003",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "emgenoa.pi.1.0.0.7",
                "status": "unaffected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "status": "affected",
                "version": "various"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_embedded_r1000:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_embedded_r1000",
            "vendor": "amd",
            "versions": [
              {
                "status": "affected",
                "version": "various"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_embedded_r2000:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_embedded_r2000",
            "vendor": "amd",
            "versions": [
              {
                "status": "affected",
                "version": "various"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_embedded_7000:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_embedded_7000",
            "vendor": "amd",
            "versions": [
              {
                "status": "affected",
                "version": "various"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_embedded_5000:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_embedded_5000",
            "vendor": "amd",
            "versions": [
              {
                "status": "affected",
                "version": "various"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_embedded_v1000:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_embedded_v1000",
            "vendor": "amd",
            "versions": [
              {
                "status": "affected",
                "version": "various"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_embedded_v3000:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_embedded_v3000",
            "vendor": "amd",
            "versions": [
              {
                "status": "affected",
                "version": "various"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_embedded_v2000:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_embedded_v2000",
            "vendor": "amd",
            "versions": [
              {
                "status": "affected",
                "version": "various"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_7040_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_7040_series_mobile_processors_with_radeon_graphics",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "phoenixpi-fp8-fp7.1.1.0.3",
                "status": "unaffected",
                "version": "various",
                "versionType": "python"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_5000_series_desktop_processors:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_5000_series_desktop_processors",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "comboam4v2pi.1.2.0.cb",
                "status": "unaffected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "status": "affected",
                "version": "various"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_5000_series_desktop_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_5000_series_desktop_processors_with_radeon_graphics",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "comboam4v2pi.1.2.0.cb",
                "status": "unaffected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "status": "affected",
                "version": "various"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_7000_desktop_processors:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_7000_desktop_processors",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "comboam5pi.1.2.0.1",
                "status": "affected",
                "version": "0",
                "versionType": "python"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_4000_series_desktop_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_4000_series_desktop_processors_with_radeon_graphics",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "comboam4v2pi.1.2.0.cb",
                "status": "affected",
                "version": "0",
                "versionType": "python"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_threadripper_3000_series_processors:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_threadripper_3000_series_processors",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "castlepeakpl-sp3r3.1.0.0.b",
                "status": "affected",
                "version": "0",
                "versionType": "python"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_threadripper_pro_processors:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_threadripper_pro_processors",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "chagallwspi-swrx8.1.0.0.8",
                "status": "affected",
                "version": "various",
                "versionType": "python"
              },
              {
                "lessThan": "castlepeakwspi-swrx8.1.0.0.8",
                "status": "affected",
                "version": "various",
                "versionType": "python"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_threadripper_pro_3000wx_series_processors:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_threadripper_pro_3000wx_series_processors",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "chagallwspi-swrx8.1.0.0.8",
                "status": "affected",
                "version": "various",
                "versionType": "python"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:athlon_3000_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "athlon_3000_series_mobile_processors_with_radeon_graphics",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "picasso-fp5.1.0.1.2",
                "status": "affected",
                "version": "various",
                "versionType": "python"
              },
              {
                "lessThan": "pollockpi-ft5.1.0.0.8",
                "status": "affected",
                "version": "various",
                "versionType": "python"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_3000_series_desktop_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_3000_series_desktop_processors_with_radeon_graphics",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "picasso-fp5.1.0.1.2",
                "status": "affected",
                "version": "various",
                "versionType": "python"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_4000_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_4000_series_mobile_processors_with_radeon_graphics",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "renoirpi-fp6.1.0.0.e",
                "status": "unaffected",
                "version": "various",
                "versionType": "python"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_5000_series_mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_5000_series_mobile_processors_with_radeon_graphics",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "cezannepi-fp6.1.0.1.1",
                "status": "unaffected",
                "version": "various",
                "versionType": "python"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_7030_series-mobile_processors_with_radeon_graphics:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_7030_series-mobile_processors_with_radeon_graphics",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "cezannepi-fp6",
                "status": "affected",
                "version": "various",
                "versionType": "python"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_7045_series_mobile_processors:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_7045_series_mobile_processors",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "dragonrangefl1.1.0.0.3e",
                "status": "unaffected",
                "version": "various",
                "versionType": "python"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_6000_processors_with_radeongraphics:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_6000_processors_with_radeongraphics",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "remembrandtpi-fp7.1.0.0.b",
                "status": "unaffected",
                "version": "various",
                "versionType": "python"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_7020_processors_with_radeongraphics:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_7020_processors_with_radeongraphics",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "mendocinopi-ft6.1.0.0.7",
                "status": "affected",
                "version": "various",
                "versionType": "python"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_7035_processors_with_radeongraphics:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_7035_processors_with_radeongraphics",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "remembrandtpi-fp7.1.0.0.b",
                "status": "unaffected",
                "version": "various",
                "versionType": "python"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:amd:ryzen_8000_series_processors_with_radeongraphics:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_8000_series_processors_with_radeongraphics",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "comboam5pi.1.2.0.1",
                "status": "unaffected",
                "version": "various",
                "versionType": "python"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "ADJACENT_NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 6.8,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-31315",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-09T17:29:59.373286Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-94",
                "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-27T14:54:02.319Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "PI",
          "product": "3rd Gen AMD EPYC\u2122 Processors",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "Milan PI 1.0.0.D",
              "status": "affected",
              "version": "various",
              "versionType": "Platform Initialization"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "1st Gen AMD EPYC\u2122 Processors",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "Naples PI 1.0.0.M",
              "status": "affected",
              "version": "various",
              "versionType": "Platform Initialization"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "2nd Gen AMD EPYC\u2122 Processors",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "Rome PI 1.0.0.J",
              "status": "affected",
              "version": "various",
              "versionType": "Platform Initialization"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "4th Gen AMD EPYC\u2122 Processors",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "Genoa PI 1.0.0.C",
              "status": "unaffected",
              "version": "various",
              "versionType": "Platform Initialization"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 3000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 7002",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 7003",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 9003",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "EmbGenoaPI 1.0.0.7",
              "status": "unaffected",
              "version": "various",
              "versionType": "PI"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R1000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R2000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 5000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 7000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V2000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V3000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "ComboAM4v2PI 1.2.0.cb",
              "status": "unaffected",
              "version": "various",
              "versionType": "PI"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "ComboAM4v2PI 1.2.0.cb",
              "status": "unaffected",
              "version": "various",
              "versionType": "PI"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "ComboAM5PI 1.2.0.1",
              "status": "affected",
              "version": "various",
              "versionType": "PI"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "ComboAM4v2PI 1.2.0.cb",
              "status": "affected",
              "version": "various",
              "versionType": "PI"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "CastlePeakPI-SP3r3 1.0.0.B",
              "status": "affected",
              "version": "various",
              "versionType": "PI"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO Processors",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "ChagallWSPI-sWRX8 1.0.0.8",
              "status": "affected",
              "version": "various",
              "versionType": "PI"
            },
            {
              "lessThan": "CastlePeakWSPI-sWRX8 1.0.0.D",
              "status": "unaffected",
              "version": "various",
              "versionType": "PI"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "ChagallWSPI-sWRX8 1.0.0.8",
              "status": "unaffected",
              "version": "various",
              "versionType": "PI"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "Picasso-FP5 1.0.1.2",
              "status": "unaffected",
              "version": "various",
              "versionType": "PI"
            },
            {
              "lessThan": "PollockPI-FT5 1.0.0.8",
              "status": "unaffected",
              "version": "various",
              "versionType": "PI"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "Picasso-FP5 1.0.1.2",
              "status": "affected",
              "version": "various",
              "versionType": "PI"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "RenoirPI-FP6 1.0.0.E",
              "status": "unaffected",
              "version": "various",
              "versionType": "PI"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "CezannePI-FP6 1.0.1.1",
              "status": "unaffected",
              "version": "various",
              "versionType": "PI"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "CezannePI-FP6",
              "status": "affected",
              "version": "various",
              "versionType": "PI"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "PhoenixPI-FP8-FP7 1.1.0.3",
              "status": "unaffected",
              "version": "various",
              "versionType": "PI"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7045 Series Mobile Processors",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "DragonRangeFL1 1.0.0.3e",
              "status": "unaffected",
              "version": "various",
              "versionType": "PI"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "RembrandtPI-FP7 1.0.0.B",
              "status": "unaffected",
              "version": "various",
              "versionType": "PI"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "MendocinoPI-FT6 1.0.0.7",
              "status": "affected",
              "version": "various",
              "versionType": "PI"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "RembrandtPI-FP7 1.0.0.B",
              "status": "unaffected",
              "version": "various",
              "versionType": "PI"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "lessThan": "ComboAM5PI 1.2.0.1",
              "status": "unaffected",
              "version": "various",
              "versionType": "PI"
            }
          ]
        }
      ],
      "datePublic": "2024-08-09T12:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution.\u003c/span\u003e"
            }
          ],
          "value": "Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-13T15:37:24.501Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html"
        }
      ],
      "source": {
        "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2023-31315",
    "datePublished": "2024-08-09T17:08:24.237Z",
    "dateReserved": "2023-04-27T15:25:41.423Z",
    "dateUpdated": "2024-09-12T12:56:32.250Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-20515

Vulnerability from cvelistv5

Published

2025-02-11 21:16

Modified

2025-02-12 15:35

Severity ?

5.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L

Summary

Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability.

References

▼	URL	Tags
	https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html
	https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html

Impacted products

Vendor

Product

Version

▼

AMD

AMD Ryzen™ 3000 Series Desktop Processors

AMD	AMD Ryzen™ 5000 Series Desktop Processors
AMD	AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics
AMD	AMD Ryzen™ 7000 Series Desktop Processors
AMD	AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics
AMD	AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics
AMD	AMD Ryzen™ Threadripper™ 3000 Series Processors
AMD	AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors
AMD	AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics
AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics
AMD	AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics
AMD	AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 7000 Series Mobile Processors
AMD	AMD Ryzen™ Embedded R1000
AMD	AMD Ryzen™ Embedded R2000
AMD	AMD Ryzen™ Embedded 5000
AMD	AMD Ryzen™ Embedded 7000
AMD	AMD Ryzen™ Embedded V2000
AMD	AMD Ryzen™ Embedded V1000	Version: No Fix Planned
AMD	AMD Ryzen™ Embedded V3000

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20515",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-12T14:03:56.637259Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T15:35:01.957Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.CA"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.CA"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.CA"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5 1.0.8.0"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.CA"
            },
            {
              "status": "unaffected",
              "version": "ComboAM4PI 1.0.0.B"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.CA"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5 1.0.8.0"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CastlePeakPI-SP3r3 1.0.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CastlePeakWSPI-sWRX8  1.0.0.E"
            },
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8 1.0.0.9"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX- Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8 1.0.0.7"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Pollock-FT5 1.0.0.7"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Picasso-FP5 1.0.1.1"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RenoirPI-FP6 1.0.0.D"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Cezanne-FP6 1.0.1.0"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MendocinoPI-FT6 1.0.0.6"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RembrandtPI-FP7 1.0.0.9b"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RembrandtPI-FP7 1.0.0.9b"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PhoenixPI-FP8-FP7 1.0.8.0"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Mobile Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "DragonRangeFL1PI 1.0.0.3b"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R1000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5 1.2.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R2000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedR2KPI-FP5 1.0.0.3"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 5000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbAM4PI 1.0.0.5"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 7000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedAM5PI 1.0.0.0"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V2000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP6 1.0.0.9"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "No Fix Planned"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V3000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Embedded-PIFP7r2 1.0.0.8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability."
            }
          ],
          "value": "Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1284",
              "description": "CWE-1284 Improper Validation of Specified Quantity in Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-11T21:16:29.016Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2023-20515",
    "datePublished": "2025-02-11T21:16:29.016Z",
    "dateReserved": "2022-10-27T18:53:39.736Z",
    "dateUpdated": "2025-02-12T15:35:01.957Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-31343

Vulnerability from cvelistv5

Published

2025-02-11 22:35

Modified

2025-02-12 15:35

Severity ?

7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.

References

▼	URL	Tags
	https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html
	https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html
	https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3009.html

Impacted products

Vendor

Product

Version

▼

AMD

AMD EPYC™ 7003 Processors

AMD	AMD EPYC™ 9004 Processors
AMD	AMD Instinct™ MI300A
AMD	AMD Ryzen™ 3000 Series Desktop Processors
AMD	AMD Ryzen™ 5000 Series Desktop Processors
AMD	AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics
AMD	AMD Ryzen™ 7000 Series Desktop Processors
AMD	AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics
AMD	AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics
AMD	AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics
AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics
AMD	AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics
AMD	AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 7000 Series Mobile Processors
AMD	AMD EPYC™ Embedded 7003
AMD	AMD EPYC™ Embedded 9004
AMD	AMD Ryzen™ Embedded R1000
AMD	AMD Ryzen™ Embedded R2000	Version: "EmbeddedR2KPI-FP5 1.0.0.3"
AMD	AMD Ryzen™ Embedded 5000
AMD	AMD Ryzen™ Embedded 7000
AMD	AMD Ryzen™ Embedded V2000
AMD	AMD Ryzen™ Embedded V3000

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-31343",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-12T15:34:57.941103Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T15:35:05.712Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 7003 Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MilanPI 1.0.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9004 Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "GenoaPI 1.0.0.B"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI300A",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MI300API 1.0.0.5"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5 1.1.0.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5 1.1.0.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX- Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8 1.0.0.7"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"Pollock-FT5 1.0.0.7\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"Picasso-FP5 1.0.1.1\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"RenoirPI-FP6 1.0.0.D\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"Cezanne-FP6 1.0.1.0\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"MendocinoPI-FT6 1.0.0.6\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"Rembrandt-FP7 1.0.0.A\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"Rembrandt-FP7 1.0.0.A\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"PhoenixPI-FP8-FP7 1.1.0.2\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Mobile Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"DragonRangeFL1PI 1.0.0.3C\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 7003",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"EmbMilanPI-SP3  1.0.0.8\""
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "AMD EPYC\u2122 Embedded 9004",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbGenoaPI-SP5 1.0.0.6"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "AMD Ryzen\u2122 Embedded R1000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"EmbeddedPI-FP5 1.2.0.C\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R2000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "\"EmbeddedR2KPI-FP5 1.0.0.3\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 5000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"EmbAM4PI 1.0.0.5\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 7000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedAM5PI 1.0.0.1"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V2000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"EmbeddedPI-FP6 1.0.0.9\""
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V3000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "\"Embedded-PI FP7r2 1.0.0.9\""
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.\u003cbr\u003e"
            }
          ],
          "value": "Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-11T22:35:04.110Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3009.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2023-31343",
    "datePublished": "2025-02-11T22:35:04.110Z",
    "dateReserved": "2023-04-27T15:25:41.426Z",
    "dateUpdated": "2025-02-12T15:35:05.712Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-26344

Vulnerability from cvelistv5

Published

2024-08-13 16:49

Modified

2024-08-13 18:33

Severity ?

7.2 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

Summary

An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker with access the ability to modify the BIOS image, and the ability to sign the resulting image, to potentially modify the APCB block resulting in arbitrary code execution.

References

▼	URL	Tags
	https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html	vendor-advisory

Impacted products

Vendor

Product

Version

▼

AMD

AMD EPYC™ 7001 Series Processors

Version: various

AMD	AMD EPYC™ 7002 Series Processors
AMD	AMD EPYC™ 7003 Series Processors
AMD	AMD Ryzen™ 3000 Series Desktop Processors	Version: various
AMD	AMD Ryzen™ 5000 Series Desktop Processors
AMD	AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics
AMD	AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics	Version: various
AMD	AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics	Version: various
AMD	AMD Ryzen™ Threadripper™ 3000 Series Processors	Version: various
AMD	AMD Ryzen™ Threadripper™ PRO 5000WX Processors
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics	Version: various
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics	Version: various
AMD	AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics	Version: various
AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics	Version: various
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics	Version: various
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics
AMD	AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics
AMD	AMD EPYC™ Embedded 7002 Series Processors
AMD	AMD EPYC™ Embedded 3000 Series Processors	Version: Various
AMD	AMD EPYC™ Embedded 7003 Series Processors
AMD	AMD Ryzen™ Embedded R1000 Series Processors	Version: v
AMD	AMD Ryzen™ Embedded R2000 Series Processors	Version: v
AMD	AMD Ryzen™ Embedded 5000 Series Processors	Version: v
AMD	AMD Ryzen™ Embedded V1000 Series Processors	Version: v
AMD	AMD Ryzen™ Embedded V2000 Series Processors	Version: v
AMD	AMD Ryzen™ Embedded V3000 Series Processors

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:amd:naplespi:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "naplespi",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "1.0.0.k",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:amd:romepi:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "romepi",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "1.0.0.C",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:amd:milanpi:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "milanpi",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "1.0.0.5",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-26344",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-13T18:29:11.333464Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-13T18:33:40.359Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 7001 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various",
              "versionType": "PI"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 7002 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RomePI 1.0.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 7003 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MilanPI 1.0.0.5"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4V2 1.2.0.A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4V2 1.2.0.A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8  1.0.0.6"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6 1.0.0.E"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MendocinoPI-FT6 1.0.0.3"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RembrandtPI-FP7 1.0.0.7"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RembrandtPI-FP7 1.0.0.7"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6 1.0.0.E"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6 1.0.0.E"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbRomePI-SP3  1.0.0.6"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 3000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "Various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbMilanPI-SP3  1.0.0.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "v"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "v"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "v"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "v"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "v"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP7r2 1.0.0.4"
            }
          ]
        }
      ],
      "datePublic": "2024-08-13T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn out of bounds memory write when processing the AMD\nPSP1 Configuration Block (APCB) could allow an attacker with access the ability\nto modify the BIOS image, and the ability to sign the resulting image, to\npotentially modify the APCB block resulting in arbitrary code execution.\n\n\n\n\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
            }
          ],
          "value": "An out of bounds memory write when processing the AMD\nPSP1 Configuration Block (APCB) could allow an attacker with access the ability\nto modify the BIOS image, and the ability to sign the resulting image, to\npotentially modify the APCB block resulting in arbitrary code execution."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-13T16:49:52.889Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
        }
      ],
      "source": {
        "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2021-26344",
    "datePublished": "2024-08-13T16:49:52.889Z",
    "dateReserved": "2021-01-29T21:24:26.145Z",
    "dateUpdated": "2024-08-13T18:33:40.359Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-20508

Vulnerability from cvelistv5

Published

2025-02-11 23:34

Modified

2025-02-12 15:33

Severity ?

5.0 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L

Summary

Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds write to a memory location not controlled by the attacker, potentially leading to loss of confidentiality, integrity, or availability.

References

▼	URL	Tags
	https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6008.html

Impacted products

Vendor

Product

Version

▼

AMD

AMD Radeon™ RX 6000 Series Graphics Products

	AMD	AMD Radeon™ PRO W6000 Series Graphics Products
	AMD	AMD Radeon™ Instinct™ MI25
	AMD	AMD Radeon™ PRO V520
	AMD	AMD Radeon™ PRO V620
	AMD	AMD Radeon™ PRO V710
	AMD	AMD Instinct™ MI300A
	AMD	AMD Instinct™ MI300X
	AMD	AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics
	AMD	AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics
	AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics
	AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics
	AMD	AMD Ryzen™ 5000 Series Desktop Processors
	AMD	AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics
	AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics
	AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics
	AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics
	AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics
	AMD	AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics
	AMD	AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics
	AMD	AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics
	AMD	AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics
	AMD	AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics
	AMD	AMD Ryzen™ 7030 Series Processors with Radeon™ Graphics
	AMD	AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics
	AMD	AMD Ryzen™ 7000 Series Desktop Processors
	AMD	AMD Ryzen™ 7045 Series Mobile Processors

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20508",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-12T15:33:25.967588Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T15:33:36.214Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "AMD Radeon\u2122 Instinct\u2122 MI25",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unknown",
              "version": "Contact your AMD Customer  Engineering representative"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "AMD Radeon\u2122 PRO V520",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unknown",
              "version": "Contact your AMD Customer  Engineering representative"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "AMD Radeon\u2122 PRO V620",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unknown",
              "version": "Contact your AMD Customer  Engineering representative"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "AMD Radeon\u2122 PRO V710",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unknown",
              "version": "Contact your AMD Customer  Engineering representative"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI300A",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MI300PI 1.0.0.5"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI300X",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "BKC 24.12"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7030 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7045 Series Mobile Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
            },
            {
              "status": "unaffected",
              "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds write to a memory location not controlled by the attacker, potentially leading to loss of confidentiality, integrity, or availability."
            }
          ],
          "value": "Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds write to a memory location not controlled by the attacker, potentially leading to loss of confidentiality, integrity, or availability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1284",
              "description": "CWE-1284 Improper Validation of Specified Quantity in Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-11T23:34:02.874Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6008.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2023-20508",
    "datePublished": "2025-02-11T23:34:02.874Z",
    "dateReserved": "2022-10-27T18:53:39.735Z",
    "dateUpdated": "2025-02-12T15:33:36.214Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-23829

Vulnerability from cvelistv5

Published

2024-06-18 19:01

Modified

2024-08-29 20:40

Severity ?

8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

A potential weakness in AMD SPI protection features may allow a malicious attacker with Ring0 (kernel mode) access to bypass the native System Management Mode (SMM) ROM protections.

References

▼	URL	Tags
	https://www.amd.com/en/resources/product-security/bulletin/amd-sb-1041.html

Impacted products

Vendor

Product

Version

▼

AMD

AMD Ryzen™ Threadripper™ PRO Processors 5900 WX-Series

Version: various

AMD	AMD Ryzen™ 6000 Series Mobile Processors and Workstations	Version: various
AMD	AMD Ryzen™ 7000 Series Desktop Processors	Version: various
AMD	AMD Ryzen™ 5000 Series Mobile Processors	Version: various
AMD	AMD Ryzen™ 5000 Series Desktop Processors	Version: various
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics	Version: various
AMD	AMD Ryzen™ 3000 Series Desktop Processors	Version: various
AMD	AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics	Version: various
AMD	AMD Ryzen™ 4000 Series Mobile Processors	Version: various
AMD	AMD Ryzen™ 3000 Series Mobile Processor / 2nd Gen AMD Ryzen™ Mobile Processor with Radeon™ Graphics	Version: various
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics	Version: various
AMD	AMD Ryzen™ Threadripper™ PRO Processor	Version: various
AMD	1st Gen AMD EPYC™ Processors	Version: various
AMD	2nd Gen AMD EPYC™ Processors	Version: various
AMD	3rd Gen AMD EPYC™ Processors	Version: various
AMD	AMD EPYC™ Embedded 3000	Version: various
AMD	AMD EPYC (TM) Embedded 7002	Version: various
AMD	AMD EPYC™ Embedded 7003	Version: various
AMD	AMD RyzenTM Embedded R1000	Version: various
AMD	AMD RyzenTM Embedded R2000	Version: various
AMD	AMD RyzenTM Embedded 5000	Version: various
AMD	AMD RyzenTM Embedded V1000	Version: various
AMD	AMD RyzenTM Embedded V2000	Version: various
AMD	AMD RyzenTM Embedded V3000	Version: various

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:51:46.075Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-1041.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:amd:ryzen_threadripper_pro_5945wx:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:amd:ryzen_threadripper_pro_5955wx:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:amd:ryzen_threadripper_pro_5965wx:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:amd:ryzen_threadripper_pro_5975wx:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:amd:ryzen_threadripper_pro_5995wx:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_threadripper_pro_5995wx",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:amd:ryzen_6600h:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:amd:ryzen_6600hs:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:amd:ryzen_6600u:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:amd:ryzen_6800h:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:amd:ryzen_6800hs:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:amd:ryzen_6800u:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:amd:ryzen_6900hs:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:amd:ryzen_6900hx:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:amd:ryzen_6980hs:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:amd:ryzen_6980hx:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ryzen_6980hx",
            "vendor": "amd",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-23829",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-05T17:32:15.481387Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-284",
                "description": "CWE-284 Improper Access Control",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-29T20:40:26.171Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO Processors 5900 WX-Series",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Mobile Processors and Workstations",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Mobile Processor / 2nd Gen AMD Ryzen\u2122 Mobile Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO Processor",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "1st Gen AMD EPYC\u2122 Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "2nd Gen AMD EPYC\u2122 Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "3rd Gen AMD EPYC\u2122 Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 3000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC (TM) Embedded 7002",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 7003",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD RyzenTM Embedded R1000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD RyzenTM Embedded R2000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD RyzenTM Embedded 5000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD RyzenTM Embedded V1000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD RyzenTM Embedded V2000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD RyzenTM Embedded V3000",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        }
      ],
      "datePublic": "2024-06-11T18:54:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA potential weakness in AMD SPI protection features may allow a malicious attacker with Ring0 (kernel mode) access to bypass the native System Management Mode (SMM) ROM protections.\u003c/span\u003e\n\n"
            }
          ],
          "value": "A potential weakness in AMD SPI protection features may allow a malicious attacker with Ring0 (kernel mode) access to bypass the native System Management Mode (SMM) ROM protections."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-18T19:01:57.007Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-1041.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2022-23829",
    "datePublished": "2024-06-18T19:01:24.315Z",
    "dateReserved": "2022-01-21T17:20:55.781Z",
    "dateUpdated": "2024-08-29T20:40:26.171Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}