6585 matches found
AMD Secure Processor 安全漏洞
AMD Secure Encrypted Virtualization is a product of AMD Semiconductor, Inc. AMD Secure Encrypted Virtualization is a software application.AMD System Management Unit SMU is a system management unit. AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip. A security vulnerability exists in AM...
AMD Secure Processor 缓冲区错误漏洞
AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. ASP AMD Secure Processor suffers from a security vulnerability that stems from insufficient boundary checking. An attacker exploits the vulnerability to write partially controlled data to the SMM or SEV-E...
AMD Secure Processor 安全漏洞
AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. A security vulnerability exists in AMD Secure Processor ASP, AMD System Management Unit SMU, and AMD Secure Encrypted Virtualization SEV, which stems from insufficient authentication of commands, which...
AMD Secure Processor(ASP) 安全漏洞
AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. AMD Secure Processor ASP suffers from a security vulnerability that stems from the fact that TOCTOU may allow a physical attacker to write outside of buffer boundaries, which could result in loss of...
AMD Secure Processor 数据伪造问题漏洞
AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. A security vulnerability exists in AMD Secure Processor ASP that stems from insufficient validation of IO address mappings, resulting in a loss of memory integrity...
多款AMD产品 安全漏洞
The AMD System Management Unit SMU and AMD Secure Processor ASP are both products of UltraMicroelectronics AMD, Inc.The AMD System Management Unit is a system management unit.The AMD Secure Processor is a standalone AMD Secure Processor is a standalone ARM Coretex-A5 chip. A security vulnerabilit...
AMD Secure Processor (ASP) 输入验证错误漏洞
AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from UltraMicroelectronics AMD. A security vulnerability exists in AMD Secure Processor ASP that stems from insufficient validation of input. An attacker could exploit the vulnerability to gain write access to memory, resulting in loss ...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS by sending an invalid request to an exposed endpoint. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users. Unlike other...
CVE-2021-46779
CVE-2021-46779 is an AMD Secure Processor (ASP) vulnerability: insufficient input validation in the SVC_ECC_PRIMITIVE system call could allow a compromised user application or ABL to corrupt ASP OS memory, risking loss of integrity and availability. Connected sources confirm the issue and link to...
CVE-2021-26402
Insufficient bounds checking in ASP AMD Secure Processor firmware while handling BIOS mailbox commands, may allow an attacker to write partially-controlled data out-of-bounds to SMM or SEV-ES regions which may lead to a potential loss of integrity and availability...
CVE-2021-26398
CVE-2021-26398 affects the AMD Secure Processor (ASP) via insufficient input validation in SYS_KEY_DERIVE. A compromised user application or ABL may corrupt ASP OS memory, potentially enabling arbitrary code execution. Public details identify the vulnerability and associated risk to ASP/firmware,...
CVE-2021-26396
Insufficient validation of address mapping to IO in ASP AMD Secure Processor may result in a loss of memory integrity in the SNP guest...
CVE-2021-26396
The CVE-2021-26396 issue affects the AMD Secure Processor (ASP) where insufficient validation of address mapping to IO can lead to loss of memory integrity in the SNP guest. The entry is supported by multiple sources (NVD/NCSC AMD SB) detailing the vulnerability and its scope across AMD EPYC gene...
CVE-2021-26346
Failure to validate the integer operand in ASP AMD Secure Processor bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service...
PT-2023-12585 · Amd · Amd Secure Processor
Name of the Vulnerable Software and Affected Versions: AMD Secure Processor affected versions not specified Description: The issue is related to insufficient input validation in the SVC ECC PRIMITIVE system call. This can be exploited by an attacker in a compromised user application or ABL to...
PT-2023-1403 · Amd · Amd Secure Processor
Name of the Vulnerable Software and Affected Versions: AMD Secure Processor ASP affected versions not specified Description: The issue is related to insufficient input validation in the ASP, which may allow an attacker with physical access to gain unauthorized write access to memory. This could...
PT-2023-1236 · Schneider Electric · Ecostruxure Process Expert +4
Name of the Vulnerable Software and Affected Versions: EcoStruxure Control Expert versions prior to V2020 EcoStruxure Process Expert versions prior to V2020 Modicon M340 CPU versions prior to the latest version Modicon M580 CPU versions prior to the latest version Modicon M580 CPU Safety versions...
PT-2023-1485 · Amd · Amd Secure Encrypted Virtualization (Sev) Firmware
Name of the Vulnerable Software and Affected Versions: AMD Secure Encrypted Virtualization SEV firmware affected versions not specified Description: The issue is related to improper input validation and bounds checking in the SEV firmware, which may cause a buffer overflow in memory. This could...
PT-2023-1408 · Amd · Amd Secure Processor
Name of the Vulnerable Software and Affected Versions: AMD Secure Processor affected versions not specified Description: The issue is related to insufficient validation of address mapping to IO in the AMD Secure Processor, which may result in a loss of memory integrity in the SNP guest. This coul...
PT-2023-1412 · Amd · Amd Secure Processor
Name of the Vulnerable Software and Affected Versions: AMD Secure Processor ASP affected versions not specified Description: The issue is related to insufficient input validation in the SYS KEY DERIVE system call, which can be exploited by an attacker to corrupt AMD Secure Processor ASP OS memory...