Lucene search

[email protected]CVE-2021-46775

HistoryMay 09, 2023 - 7:15 p.m.

CVE-2021-46775

2023-05-0919:15:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2021-46775

input validation

abl

memory overwrites

integrity

code execution

physical access

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

21.5%

JSON

Improper input validation in ABL may enable an
attacker with physical access, to perform arbitrary memory overwrites,
potentially leading to a loss of integrity and code execution.

CPENameOperatorVersion
amd:epyc_72f3_firmwareamd epyc 72f3 firmwareeqmilanpi_1.0.0.9
amd:epyc_7313_firmwareamd epyc 7313 firmwareeqmilanpi_1.0.0.9
amd:epyc_7313p_firmwareamd epyc 7313p firmwareeqmilanpi_1.0.0.9
amd:epyc_7343_firmwareamd epyc 7343 firmwareeqmilanpi_1.0.0.9
amd:epyc_7373x_firmwareamd epyc 7373x firmwareeqmilanpi_1.0.0.9
amd:epyc_73f3_firmwareamd epyc 73f3 firmwareeqmilanpi_1.0.0.9
amd:epyc_7413_firmwareamd epyc 7413 firmwareeqmilanpi_1.0.0.9
amd:epyc_7443_firmwareamd epyc 7443 firmwareeqmilanpi_1.0.0.9
amd:epyc_7443p_firmwareamd epyc 7443p firmwareeqmilanpi_1.0.0.9
amd:epyc_7453_firmwareamd epyc 7453 firmwareeqmilanpi_1.0.0.9

CPE	Name	Operator	Version
amd:epyc_72f3_firmware	amd epyc 72f3 firmware	eq	milanpi_1.0.0.9
amd:epyc_7313_firmware	amd epyc 7313 firmware	eq	milanpi_1.0.0.9
amd:epyc_7313p_firmware	amd epyc 7313p firmware	eq	milanpi_1.0.0.9
amd:epyc_7343_firmware	amd epyc 7343 firmware	eq	milanpi_1.0.0.9
amd:epyc_7373x_firmware	amd epyc 7373x firmware	eq	milanpi_1.0.0.9
amd:epyc_73f3_firmware	amd epyc 73f3 firmware	eq	milanpi_1.0.0.9
amd:epyc_7413_firmware	amd epyc 7413 firmware	eq	milanpi_1.0.0.9
amd:epyc_7443_firmware	amd epyc 7443 firmware	eq	milanpi_1.0.0.9
amd:epyc_7443p_firmware	amd epyc 7443p firmware	eq	milanpi_1.0.0.9
amd:epyc_7453_firmware	amd epyc 7453 firmware	eq	milanpi_1.0.0.9

Rows per page:

1-10 of 481

References

www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

21.5%

JSON

Related for CVE-2021-46775

prion1 cvelist1 amd1