Lucene search
K

173 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/13 3:3 a.m.9 views

CVE-2025-61972

Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network SMN access, potentially resulting in arbitrary code execution in AMD Secure Processor ASP and loss of the SEV-SNP guest's confidentiality and integrity...

8.5CVSS6.3AI score0.0013EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/13 3:3 a.m.37 views

CVE-2025-61972

Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network SMN access, potentially resulting in arbitrary code execution in AMD Secure Processor ASP and loss of the SEV-SNP guest's confidentiality and integrity...

8.5CVSS0.0013EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/16 6:44 p.m.4 views

CVE-2025-54510

A missing lock verification in AMD Secure Processor ASP firmware may permit a locally authenticated attacker with administrative privileges to alter MMIO routing on some Zen 5-based products, potentially compromising guest system integrity...

5.9CVSS5.8AI score0.00108EPSS
Exploits1References2
Amd
Amd
added 2026/04/14 12:0 a.m.78 views

SEV-SNP Routing Misconfiguration

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-54510| A missing lock verification in AMD Secure Processor ASP firmware may permit a locally authenticated attacker with administrative privileges to alter MMIO routing on some Zen 5-based...

5.9CVSS5.8AI score0.00108EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/02/16 7:30 p.m.5 views

CVE-2025-29949

Insufficient input parameter sanitization in AMD Secure Processor ASP Boot Loader legacy recovery mode only could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service...

4.8CVSS5.5AI score0.00134EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/16 7:30 p.m.6 views

CVE-2025-48515

Insufficient parameter sanitization in AMD Secure Processor ASP Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code execution...

5.4CVSS5.8AI score0.00126EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/16 1:25 p.m.4 views

CVE-2023-31324

A Time-of-check time-of-use TOCTOU race condition in the AMD Secure Processor ASP could allow an attacker to modify External Global Memory Interconnect Trusted Agent XGMI TA commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability...

7.8CVSS5.6AI score0.00101EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/16 1:25 p.m.4 views

CVE-2023-31323

Type confusion in the AMD Secure Processor ASP could allow an attacker to pass a malformed argument to the External Global Memory Interconnect Trusted Agent XGMI TA leading to a memory safety violation potentially resulting in loss of confidentiality, integrity, or availability...

8.4CVSS5.5AI score0.00131EPSS
Exploits0References1
CVE
CVE
added 2026/02/12 5:45 p.m.11 views

CVE-2023-31323

CVE-2023-31323 affects the AMD Secure Processor (ASP) with a Type confusion in the External Global Memory Interconnect Trusted Agent (XGMI TA). The issue can allow a malformed argument to be passed to XGMI TA, causing a memory safety violation and potential loss of confidentiality, integrity, or ...

8.4CVSS5.5AI score0.00131EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/12 5:45 p.m.5 views

CVE-2023-31323

Type confusion in the AMD Secure Processor ASP could allow an attacker to pass a malformed argument to the External Global Memory Interconnect Trusted Agent XGMI TA leading to a memory safety violation potentially resulting in loss of confidentiality, integrity, or availability...

8.4CVSS5.5AI score0.00131EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/12 5:45 p.m.5 views

CVE-2023-31323

Type confusion in the AMD Secure Processor ASP could allow an attacker to pass a malformed argument to the External Global Memory Interconnect Trusted Agent XGMI TA leading to a memory safety violation potentially resulting in loss of confidentiality, integrity, or availability...

8.4CVSS5.5AI score0.00131EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/12 5:45 p.m.30 views

CVE-2023-31323

Type confusion in the AMD Secure Processor ASP could allow an attacker to pass a malformed argument to the External Global Memory Interconnect Trusted Agent XGMI TA leading to a memory safety violation potentially resulting in loss of confidentiality, integrity, or availability...

8.4CVSS0.00131EPSS
Exploits0References1
OSV
OSV
added 2026/02/11 3:16 p.m.5 views

CVE-2023-31324

A Time-of-check time-of-use TOCTOU race condition in the AMD Secure Processor ASP could allow an attacker to modify External Global Memory Interconnect Trusted Agent XGMI TA commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability...

7.8CVSS5.8AI score0.00101EPSS
Exploits0References1
OSV
OSV
added 2026/02/11 3:16 p.m.4 views

CVE-2023-20548

A Time-of-check time-of-use TOCTOU race condition in the AMD Secure Processor ASP could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability...

7.8CVSS5.8AI score0.00101EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/11 2:34 p.m.4 views

CVE-2023-31324

A Time-of-check time-of-use TOCTOU race condition in the AMD Secure Processor ASP could allow an attacker to modify External Global Memory Interconnect Trusted Agent XGMI TA commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability...

7.1CVSS5.6AI score0.00101EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/11 2:34 p.m.23 views

CVE-2023-31324

A Time-of-check time-of-use TOCTOU race condition in the AMD Secure Processor ASP could allow an attacker to modify External Global Memory Interconnect Trusted Agent XGMI TA commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability...

7.1CVSS0.00101EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/11 2:33 p.m.4 views

CVE-2023-20514

Improper handling of parameters in the AMD Secure Processor ASP could allow a privileged attacker to pass an arbitrary memory value to functions in the trusted execution environment resulting in arbitrary code execution...

8.7CVSS6.3AI score0.0014EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/11 2:33 p.m.4 views

CVE-2023-20514

Improper handling of parameters in the AMD Secure Processor ASP could allow a privileged attacker to pass an arbitrary memory value to functions in the trusted execution environment resulting in arbitrary code execution...

8.7CVSS6.3AI score0.0014EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.8 views

AMD Secure Processor 安全漏洞

The AMD Secure Processor is an independent ARM Coretex-A5 chip developed by the American semiconductor company AMD. The AMD Secure Processor has a security vulnerability that stems from improper parameter handling, which may allow for the execution of arbitrary code...

8.7CVSS6AI score0.0014EPSS
Exploits0References2
NVD
NVD
added 2026/02/10 8:16 p.m.4 views

CVE-2025-29949

Insufficient input parameter sanitization in AMD Secure Processor ASP Boot Loader legacy recovery mode only could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service...

4.8CVSS0.00134EPSS
Exploits0References1
Rows per page
Query Builder