Lucene search

[email protected]CVE-2021-46765

HistoryMay 09, 2023 - 8:15 p.m.

CVE-2021-46765

2023-05-0920:15:00

CWE-125

[email protected]

web.nvd.nist.gov

cve-2021-46765

insufficient input validation

asp

compromised smm

out-of-bounds memory reads

denial of service

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.7 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

22.6%

JSON

Insufficient input validation in ASP may allow
an attacker with a compromised SMM to induce out-of-bounds memory reads within
the ASP, potentially leading to a denial of service.

CPENameOperatorVersion
amd:ryzen_6600h_firmwareamd ryzen 6600h firmwareeqrembrandtpi-fp7_1.0.0.5
amd:ryzen_6600hs_firmwareamd ryzen 6600hs firmwareeqrembrandtpi-fp7_1.0.0.5
amd:ryzen_6600u_firmwareamd ryzen 6600u firmwareeqrembrandtpi-fp7_1.0.0.5
amd:ryzen_6800h_firmwareamd ryzen 6800h firmwareeqrembrandtpi-fp7_1.0.0.5
amd:ryzen_6800hs_firmwareamd ryzen 6800hs firmwareeqrembrandtpi-fp7_1.0.0.5
amd:ryzen_6800u_firmwareamd ryzen 6800u firmwareeqrembrandtpi-fp7_1.0.0.5
amd:ryzen_6900hs_firmwareamd ryzen 6900hs firmwareeqrembrandtpi-fp7_1.0.0.5
amd:ryzen_6900hx_firmwareamd ryzen 6900hx firmwareeqrembrandtpi-fp7_1.0.0.5
amd:ryzen_6980hs_firmwareamd ryzen 6980hs firmwareeqrembrandtpi-fp7_1.0.0.5
amd:ryzen_6980hx_firmwareamd ryzen 6980hx firmwareeqrembrandtpi-fp7_1.0.0.5

CPE	Name	Operator	Version
amd:ryzen_6600h_firmware	amd ryzen 6600h firmware	eq	rembrandtpi-fp7_1.0.0.5
amd:ryzen_6600hs_firmware	amd ryzen 6600hs firmware	eq	rembrandtpi-fp7_1.0.0.5
amd:ryzen_6600u_firmware	amd ryzen 6600u firmware	eq	rembrandtpi-fp7_1.0.0.5
amd:ryzen_6800h_firmware	amd ryzen 6800h firmware	eq	rembrandtpi-fp7_1.0.0.5
amd:ryzen_6800hs_firmware	amd ryzen 6800hs firmware	eq	rembrandtpi-fp7_1.0.0.5
amd:ryzen_6800u_firmware	amd ryzen 6800u firmware	eq	rembrandtpi-fp7_1.0.0.5
amd:ryzen_6900hs_firmware	amd ryzen 6900hs firmware	eq	rembrandtpi-fp7_1.0.0.5
amd:ryzen_6900hx_firmware	amd ryzen 6900hx firmware	eq	rembrandtpi-fp7_1.0.0.5
amd:ryzen_6980hs_firmware	amd ryzen 6980hs firmware	eq	rembrandtpi-fp7_1.0.0.5
amd:ryzen_6980hx_firmware	amd ryzen 6980hx firmware	eq	rembrandtpi-fp7_1.0.0.5

Rows per page:

1-10 of 781

References

www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.7 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

22.6%

JSON

Related for CVE-2021-46765

prion1 cvelist1 amd1 hp1