Failure to validate the length fields of the ASP(AMD Secure Processor) sensor fusion hub headers may allow an attacker with amalicious Uapp or ABL to map the ASP sensor fusion hub region and overwritedata structures leading to a potential loss of confidentiality and integrity.
9.1CVSS
9.1AI Score
0.001EPSS
Insufficient input validation in ASP may allowan attacker with a compromised SMM to induce out-of-bounds memory reads withinthe ASP, potentially leading to a denial of service.
7.5CVSS
7.7AI Score
0.001EPSS
Insufficient input validation in ABL may enablea privileged attacker to corrupt ASP memory, potentially resulting in a loss ofintegrity or code execution.
8.8CVSS
8.8AI Score
0.001EPSS
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
4.4CVSS
4.5AI Score
0.0004EPSS
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
5.5CVSS
5AI Score
0.0004EPSS