11 matches found
CVE-2026-20962
Use of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an authorized attacker to disclose information locally...
CVE-2026-20962
Use of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an authorized attacker to disclose information locally...
CVE-2026-20962
CVE-2026-20962 is described as a local-information-disclosure vulnerability in the Dynamic Root of Trust for Measurement (DRTM) mechanism. The initial and connected sources indicate an issue arising from use of an uninitialized resource, allowing an authorized attacker with local access to disclo...
Dynamic Root of Trust for Measurement (DRTM) Information Disclosure Vulnerability
Use of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an authorized attacker to disclose information locally...
CVE-2023-20591
Improper re-initialization of IOMMU during the DRTM event may permit an untrusted platform configuration to persist, allowing an attacker to read or modify hypervisor memory, potentially resulting in loss of confidentiality, integrity, and availability...
Input validation
Insufficient input validation during parsing of the System Management Mode (SMM) binary may allow a maliciously crafted SMM executable binary to corrupt Dynamic Root of Trust for Measurement (DRTM) user application memory that may result in a potential denial of service...
CVE-2021-46791
Insufficient input validation during parsing of the System Management Mode (SMM) binary may allow a maliciously crafted SMM executable binary to corrupt Dynamic Root of Trust for Measurement (DRTM) user application memory that may result in a potential denial of service...
PT-2023-1402 · Amd · Amd Bios +1
Name of the Vulnerable Software and Affected Versions: AMD BIOS affected versions not specified Description: The issue is related to insufficient validation in ASP BIOS and DRTM commands, which may allow malicious supervisor x86 software to disclose the contents of sensitive memory, resulting in...
AMD EPYC DRTM UApp Security Vulnerability
AMD EPYC is an x86 architecture server microprocessor product line from AMD Semiconductor, known in Chinese as "霄龙", which utilizes the Zen microarchitecture. A security vulnerability exists in the AMD EPYC DRTM UApp. The vulnerability arises from a partial initialization of the DRTM UApp, which...
PT-2022-6302 · Amd · System Management Mode
Name of the Vulnerable Software and Affected Versions: System Management Mode SMM affected versions not specified Description: The issue is related to the failure to validate inputs in SMM, which may allow an attacker to create a mishandled error, leaving the DRTM UApp in a partially initialized...
Force firmware code to be measured and attested by Secure Launch on Windows 10
You cannot build something great on a weak foundation – and security is no exception. Windows is filled with important security features like Hypervisor-protected code integrity (HVCI) and Windows Defender Credential Guard that protect users from advanced hardware and firmware attacks. For these...