Lucene search
K
AmdEnterprise Driver

6 matches found

CVE
CVE
added 2022/11/09 8:44 p.m.86 views

CVE-2020-12930

CVE-2020-12930 is an AMD ASP/PSP driver vulnerability described as improper parameter handling that could allow a privileged attacker to elevate privileges, potentially compromising integrity. The AMD security bulletin AMD-SB-5001 maps this CVE to various AMD Embedded/ Ryzen platforms and provide...

7.8CVSS7.5AI score0.00251EPSS
CVE
CVE
added 2022/11/09 8:44 p.m.85 views

CVE-2021-26393

CVE-2021-26393 describes insufficient memory cleanup in the AMD Secure Processor (ASP) TEE, which could allow an authenticated user with privileges to generate a valid signed TA and potentially poison process memory, leading to confidentiality loss. The connected AMD security bulletin (AMD-SB-500...

5.5CVSS6.2AI score0.00247EPSS
CVE
CVE
added 2022/11/09 8:44 p.m.82 views

CVE-2020-12931

The CVE-2020-12931 issue affects the AMD Secure Processor (ASP) kernel, caused by improper parameter handling, enabling a privileged attacker to elevate privileges and potentially compromise integrity. AMD’s AMD-SB-5001 bulletin maps this vulnerability across ASP/PSP components (ASP kernel) and p...

7.8CVSS7.3AI score0.00251EPSS
CVE
CVE
added 2022/11/09 8:44 p.m.78 views

CVE-2021-26392

CVE-2021-26392 involves insufficient verification of a missing size check in LoadModule, leading to an out-of-bounds write that could enable code execution in the OS/kernel via loading a malicious TA. AMD’s related bulletin (AMD-SB-5001) labels this CVE as Medium and provides mitigations through ...

7.8CVSS8.1AI score0.0026EPSS
CVE
CVE
added 2022/11/09 8:44 p.m.77 views

CVE-2021-26360

CVE-2021-26360 describes a local-attack vulnerability in the AMD Secure Processor (ASP) where an attacker with local access can modify the security configuration of the SOC registers, potentially corrupting the ASP’s encrypted memory and enabling arbitrary code execution in the ASP environment. T...

7.8CVSS7.9AI score0.00213EPSS
CVE
CVE
added 2022/11/09 8:44 p.m.74 views

CVE-2021-26391

CVE-2021-26391 affects AMD firmware/TPM-like trust environment: insufficient verification of multiple header signatures when loading a Trusted Application (TA) may allow a privileged attacker to gain code execution in the TA or OS/kernel. AMD-SB-4001 lists this CVE as Medium severity and provides...

7.8CVSS7.9AI score0.00172EPSS