Lucene search
K

173 matches found

NVD
NVD
added 2023/01/11 8:15 a.m.19 views

CVE-2021-26398

Insufficient input validation in SYSKEYDERIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP AMD Secure Processor OS memory which may lead to potential arbitrary code execution...

7.8CVSS7.7AI score0.00212EPSS
Exploits0References1
Prion
Prion
added 2023/01/11 8:15 a.m.26 views

Input validation

Insufficient input validation in SYSKEYDERIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP AMD Secure Processor OS memory which may lead to potential arbitrary code execution...

4.3CVSS8AI score0.00212EPSS
Exploits0References1Affected Software64
Prion
Prion
added 2023/01/11 8:15 a.m.20 views

Input validation

Insufficient validation of address mapping to IO in ASP AMD Secure Processor may result in a loss of memory integrity in the SNP guest...

3.2CVSS5.5AI score0.00113EPSS
Exploits0References1Affected Software24
Prion
Prion
added 2023/01/11 8:15 a.m.24 views

Input validation

Insufficient input validation in SVCECCPRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP AMD Secure Processor OS memory which may lead to potential loss of integrity and availability...

3.2CVSS7.1AI score0.00176EPSS
Exploits0References1Affected Software3
CNNVD
CNNVD
added 2023/01/11 12:0 a.m.5 views

AMD Secure Processor 安全特征问题漏洞

AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. A security vulnerability exists in AMD Secure Processor ASP, AMD System Management Unit SMU, and AMD Secure Encrypted Virtualization SEV. An attacker could exploit this vulnerability to cause an informati...

5.5CVSS5.8AI score0.00185EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/11 12:0 a.m.5 views

AMD Secure Processor 数据伪造问题漏洞

AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. A security vulnerability exists in AMD Secure Processor ASP that stems from insufficient validation of IO address mappings, resulting in a loss of memory integrity...

4.4CVSS5.1AI score0.00113EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/11 12:0 a.m.5 views

AMD Secure Processor 缓冲区错误漏洞

AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. AMD Secure Processor ASP suffers from a buffer error vulnerability that stems from insufficient input validation in the SVCECCPRIMITIVE system call. An attacker could exploit this vulnerability to corrupt...

7.1CVSS7.4AI score0.00176EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/11 12:0 a.m.7 views

AMD Secure Processor 缓冲区错误漏洞

AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. ASP AMD Secure Processor suffers from a buffer error vulnerability that stems from insufficient input validation in the SYSKEYDERIVE system call. An attacker could exploit this vulnerability to corrupt th...

7.8CVSS8.1AI score0.00212EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/11 12:0 a.m.7 views

AMD Secure Processor(ASP) 输入验证错误漏洞

AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. AMD Secure Processor ASP suffers from a security vulnerability that stems from incorrect system call input validation in the Bootloader, which could allow a privileged attacker to read memory out of bound...

6.5CVSS6.5AI score0.00595EPSS
Exploits0References2
CVE
CVE
added 2023/01/10 8:56 p.m.54 views

CVE-2021-46779

CVE-2021-46779 is an AMD Secure Processor (ASP) vulnerability: insufficient input validation in the SVC_ECC_PRIMITIVE system call could allow a compromised user application or ABL to corrupt ASP OS memory, risking loss of integrity and availability. Connected sources confirm the issue and link to...

7.1CVSS7.2AI score0.00176EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/10 8:56 p.m.9 views

CVE-2021-26402

Insufficient bounds checking in ASP AMD Secure Processor firmware while handling BIOS mailbox commands, may allow an attacker to write partially-controlled data out-of-bounds to SMM or SEV-ES regions which may lead to a potential loss of integrity and availability...

7.2AI score0.0018EPSS
Exploits0References1
CVE
CVE
added 2023/01/10 8:56 p.m.82 views

CVE-2021-26398

CVE-2021-26398 affects the AMD Secure Processor (ASP) via insufficient input validation in SYS_KEY_DERIVE. A compromised user application or ABL may corrupt ASP OS memory, potentially enabling arbitrary code execution. Public details identify the vulnerability and associated risk to ASP/firmware,...

7.8CVSS7.9AI score0.00212EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/10 8:56 p.m.9 views

CVE-2021-26396

Insufficient validation of address mapping to IO in ASP AMD Secure Processor may result in a loss of memory integrity in the SNP guest...

4.7AI score0.00113EPSS
Exploits0References1
CVE
CVE
added 2023/01/10 8:56 p.m.52 views

CVE-2021-26396

The CVE-2021-26396 issue affects the AMD Secure Processor (ASP) where insufficient validation of address mapping to IO can lead to loss of memory integrity in the SNP guest. The entry is supported by multiple sources (NVD/NCSC AMD SB) detailing the vulnerability and its scope across AMD EPYC gene...

4.4CVSS5.5AI score0.00113EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/10 7:50 p.m.10 views

CVE-2021-26346

Failure to validate the integer operand in ASP AMD Secure Processor bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service...

6.9AI score0.00212EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/10 12:0 a.m.4 views

PT-2023-1488 · Amd · Amd System Management Unit +2

Name of the Vulnerable Software and Affected Versions: AMD Secure Processor ASP affected versions not specified AMD System Management Unit SMU affected versions not specified AMD Secure Encrypted Virtualization SEV affected versions not specified Description: The issue is related to errors in...

5.5CVSS6.1AI score0.00185EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/01/10 12:0 a.m.7 views

PT-2023-1403 · Amd · Amd Secure Processor

Name of the Vulnerable Software and Affected Versions: AMD Secure Processor ASP affected versions not specified Description: The issue is related to insufficient input validation in the ASP, which may allow an attacker with physical access to gain unauthorized write access to memory. This could...

6.2CVSS6AI score0.00275EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/01/10 12:0 a.m.5 views

PT-2023-1483 · Amd · Amd Secure Processor

Name of the Vulnerable Software and Affected Versions: AMD Secure Processor ASP affected versions not specified Description: The issue is related to a Time-of-Check-to-Time-of-Use TOCTOU vulnerability in the ASP, which may allow a physical attacker to write beyond buffer bounds. This could...

5.7CVSS6.5AI score0.00179EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/01/10 12:0 a.m.4 views

PT-2023-1408 · Amd · Amd Secure Processor

Name of the Vulnerable Software and Affected Versions: AMD Secure Processor affected versions not specified Description: The issue is related to insufficient validation of address mapping to IO in the AMD Secure Processor, which may result in a loss of memory integrity in the SNP guest. This coul...

5CVSS4.4AI score0.00113EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/01/10 12:0 a.m.13 views

PT-2023-12087 · Amd · Amd Secure Processor

Name of the Vulnerable Software and Affected Versions: AMD Secure Processor affected versions not specified Description: The issue is related to the failure to validate the integer operand in the ASP bootloader, which may allow an attacker to introduce an integer overflow in the L2 directory tabl...

5.5CVSS4.6AI score0.00212EPSS
Exploits0References2
Rows per page
Query Builder