Lucene search
HistoryMay 09, 2023 - 8:15 p.m.
CVE-2021-46760
malicious
uapp
abl
out-of-bounds
memory access
sensitive information
code execution
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.5
Confidence
High
EPSS
0.003
Percentile
65.1%
A malicious or compromised UApp or ABL can send
a malformed system call to the bootloader, which may result in an out-of-bounds
memory access that may potentially lead to an attacker leaking sensitive
information or achieving code execution.
Affected configurations
Node
amdryzen_3945wx_firmwareMatchcastlepeakwspi-swrx8_1.0.0.9
amdryzen_3945wxMatch-
Node
amdryzen_3955wx_firmwareMatchcastlepeakwspi-swrx8_1.0.0.9
amdryzen_3955wxMatch-
Node
amdryzen_3960x_firmwareMatchcastlepeakwspi-swrx8_1.0.0.9
amdryzen_3960xMatch-
Node
amdryzen_3970x_firmwareMatchcastlepeakwspi-swrx8_1.0.0.9
amdryzen_3970xMatch-
Node
amdryzen_3975wx_firmwareMatchcastlepeakwspi-swrx8_1.0.0.9
amdryzen_3975wxMatch-
Node
amdryzen_3990x_firmwareMatchcastlepeakwspi-swrx8_1.0.0.9
amdryzen_3990xMatch-
Node
amdryzen_3995wx_firmwareMatchcastlepeakwspi-swrx8_1.0.0.9
amdryzen_3995wxMatch-
Node
amdryzen_3945wx_firmwareMatchchagallwspi-swrx8_1.0.0.2
amdryzen_3945wxMatch-
Node
amdryzen_3955wx_firmwareMatchchagallwspi-swrx8_1.0.0.2
amdryzen_3955wxMatch-
Node
amdryzen_3960x_firmwareMatchchagallwspi-swrx8_1.0.0.2
amdryzen_3960xMatch-
Node
amdryzen_3970x_firmwareMatchchagallwspi-swrx8_1.0.0.2
amdryzen_3970xMatch-
Node
amdryzen_3975wx_firmwareMatchchagallwspi-swrx8_1.0.0.2
amdryzen_3975wxMatch-
Node
amdryzen_3990x_firmwareMatchchagallwspi-swrx8_1.0.0.2
amdryzen_3990xMatch-
Node
amdryzen_3995wx_firmwareMatchchagallwspi-swrx8_1.0.0.2
amdryzen_3995wxMatch-
Node
amdryzen_3945wx_firmwareMatchcastlepeakpi-sp3r3_1.0.0.7
amdryzen_3945wxMatch-
Node
amdryzen_3955wx_firmwareMatchcastlepeakpi-sp3r3_1.0.0.7
amdryzen_3955wxMatch-
Node
amdryzen_3960x_firmwareMatchcastlepeakpi-sp3r3_1.0.0.7
amdryzen_3960xMatch-
Node
amdryzen_3970x_firmwareMatchcastlepeakpi-sp3r3_1.0.0.7
amdryzen_3970xMatch-
Node
amdryzen_3975wx_firmwareMatchcastlepeakpi-sp3r3_1.0.0.7
amdryzen_3975wxMatch-
Node
amdryzen_3990x_firmwareMatchcastlepeakpi-sp3r3_1.0.0.7
amdryzen_3990xMatch-
Node
amdryzen_3995wx_firmwareMatchcastlepeakpi-sp3r3_1.0.0.7
amdryzen_3995wxMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| amd | ryzen_3945wx_firmware | castlepeakwspi-swrx8_1.0.0.9 | cpe:2.3:o:amd:ryzen_3945wx_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:* |
| amd | ryzen_3945wx | - | cpe:2.3:h:amd:ryzen_3945wx:-:*:*:*:*:*:*:* |
| amd | ryzen_3955wx_firmware | castlepeakwspi-swrx8_1.0.0.9 | cpe:2.3:o:amd:ryzen_3955wx_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:* |
| amd | ryzen_3955wx | - | cpe:2.3:h:amd:ryzen_3955wx:-:*:*:*:*:*:*:* |
| amd | ryzen_3960x_firmware | castlepeakwspi-swrx8_1.0.0.9 | cpe:2.3:o:amd:ryzen_3960x_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:* |
| amd | ryzen_3960x | - | cpe:2.3:h:amd:ryzen_3960x:-:*:*:*:*:*:*:* |
| amd | ryzen_3970x_firmware | castlepeakwspi-swrx8_1.0.0.9 | cpe:2.3:o:amd:ryzen_3970x_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:* |
| amd | ryzen_3970x | - | cpe:2.3:h:amd:ryzen_3970x:-:*:*:*:*:*:*:* |
| amd | ryzen_3975wx_firmware | castlepeakwspi-swrx8_1.0.0.9 | cpe:2.3:o:amd:ryzen_3975wx_firmware:castlepeakwspi-swrx8_1.0.0.9:*:*:*:*:*:*:* |
| amd | ryzen_3975wx | - | cpe:2.3:h:amd:ryzen_3975wx:-:*:*:*:*:*:*:* |
Related
prion
prion
Default credentials
2023-05-09 20:15:00
cve
cve
CVE-2021-46760
2023-05-09 20:15:12
cvelist
cvelist
CVE-2021-46760
2023-05-09 19:01:05
amd
amd
Client Vulnerabilities – May 2023
2023-05-09 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.5
Confidence
High
EPSS
0.003
Percentile
65.1%
Related for NVD:CVE-2021-46760