CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Insufficient input validation in ABL may enable a privileged attacker to corrupt ASP memory, potentially resulting in a loss of integrity or code execution...

8.8CVSS8.7AI score0.00499EPSS

Exploits0References1

NVD•added 2023/05/09 7:15 p.m.•15 views

CVE-2021-26371

A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memory to userspace, potentially leading to information disclosure...

5.5CVSS6.2AI score0.00129EPSS

Exploits0References2

Prion•added 2023/05/09 7:15 p.m.•16 views

Information disclosure

A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memory to userspace, potentially leading to information disclosure...

1.7CVSS7AI score0.00129EPSS

Exploits0References2Affected Software70

Cvelist•added 2023/05/09 7:1 p.m.•11 views

CVE-2021-46773

Insufficient input validation in ABL may enable a privileged attacker to corrupt ASP memory, potentially resulting in a loss of integrity or code execution...

8.8AI score0.00499EPSS

Exploits0References1

CVE•added 2023/05/09 7:1 p.m.•44 views

CVE-2021-46773

CVE-2021-46773 involves insufficient input validation in the AMD bootloader (ABL) that may allow a privileged attacker to corrupt the AMD Secure Processor (ASP) memory, potentially resulting in loss of integrity or code execution. The connected documents provide concrete details: the vulnerabilit...

8.8CVSS8.8AI score0.00499EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/05/09 6:59 p.m.•16 views

CVE-2021-26371

A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memory to userspace, potentially leading to information disclosure...

6.5AI score0.00129EPSS

Exploits0References2

Vulnrichment•added 2023/05/09 6:59 p.m.•11 views

CVE-2021-26371

A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memory to userspace, potentially leading to information disclosure...

7.2AI score0.00129EPSS

Exploits0References2

CVE•added 2023/05/09 6:59 p.m.•73 views

CVE-2021-26371

The CVE-2021-26371 entry concerns AMD Secure Processor (ASP)/AMD System Management Unit (SMU) where a compromised ABL or UApp could trigger a SHA256 system call to the bootloader, potentially exposing ASP memory to userspace and causing information disclosure. Technical details from connected sou...

5.5CVSS7.1AI score0.00129EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2023/05/09 12:0 a.m.•2 views

PT-2023-12093 · Amd · 1St Gen Amd Epyc™ Processors +110

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memory to userspace,...

5.5CVSS6.5AI score0.00129EPSS

Exploits0References6

OSV•added 2023/01/11 8:15 a.m.•0 views

CVE-2021-26398

Insufficient input validation in SYSKEYDERIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP AMD Secure Processor OS memory which may lead to potential arbitrary code execution...

7.8CVSS5.9AI score

Exploits0References1

Prion•added 2022/05/12 6:16 p.m.•12 views

Information disclosure

A malicious or compromised User Application UApp or AGESA Boot Loader ABL could be used by an attacker to exfiltrate arbitrary memory from the ASP stage 2 bootloader potentially leading to information disclosure...

2.1CVSS6AI score0.0006EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by