Epyc 7351p Firmware@* Security Vulnerabilities and Issues — Epyc 7351p Firmware@* CVE List

Lucene search

AmdEpyc 7351p Firmware*

6 matches found

CVE•added 2023/05/09 7:15 p.m.•65 views

CVE-2021-26371

A compromised or malicious ABL or UApp couldsend a SHA256 system call to the bootloader, which may result in exposure ofASP memory to userspace, potentially leading to information disclosure.

5.5CVSS7.1AI score0.00061EPSS

CVE•added 2023/11/14 7:15 p.m.•60 views

CVE-2023-20521

TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.

5.7CVSS6.1AI score0.00037EPSS

CVE•added 2023/11/14 7:15 p.m.•57 views

CVE-2021-46774

Insufficient DRAM address validation in SystemManagement Unit (SMU) may allow an attacker to read/write from/to an invalidDRAM address, potentially resulting in denial-of-service.

7.5CVSS7.8AI score0.00022EPSS

CVE•added 2023/05/09 7:15 p.m.•52 views

CVE-2021-26356

A TOCTOU in ASP bootloader may allow an attackerto tamper with the SPI ROM following data read to memory potentially resultingin S3 data corruption and information disclosure.

7.4CVSS8.4AI score0.00135EPSS

CVE•added 2023/01/11 8:15 a.m.•51 views

CVE-2021-26403

Insufficient checks in SEV may lead to a malicious hypervisor disclosing the launch secret potentially resulting in compromise of VM confidentiality.

6.5CVSS6.9AI score0.00056EPSS

CVE•added 2023/11/14 7:15 p.m.•47 views

CVE-2023-20526

Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.

4.6CVSS5.9AI score0.0004EPSS