Insufficient input validation of mailbox data in theSMU may allow an attacker to coerce the SMU to corrupt SMRAM, potentiallyleading to a loss of integrity and privilege escalation.
9.8CVSS
9.3AI Score
0.002EPSS
Insufficient validation of inputs inSVC_MAP_USER_STACK in the ASP (AMD Secure Processor) bootloader may allow anattacker with a malicious Uapp or ABL to send malformed or invalid syscall tothe bootloader resulting in a potential denial of service and loss ofintegrity.
9.1CVSS
9.1AI Score
0.001EPSS
Insufficient input validation in the SMU mayallow an attacker to corrupt SMU SRAM potentially leading to a loss ofintegrity or denial of service.
9.1CVSS
6.4AI Score
0.001EPSS
Improper access control settings in ASPBootloader may allow an attacker to corrupt the return address causing astack-based buffer overrun potentially leading to arbitrary code execution.
9.8CVSS
9.6AI Score
0.003EPSS