Lucene search

K

6 matches found

CVE
CVE
added 2022/07/14 8:15 p.m.88 views

CVE-2021-26382

An attacker with root account privileges can load any legitimately signed firmware image into the Audio Co-Processor (ACP,) irrespective of the respective signing key being declared as usable for authenticating an ACP firmware image, potentially resulting in a denial of service.

4.4CVSS5.6AI score0.00123EPSS
CVE
CVE
added 2024/02/13 8:15 p.m.82 views

CVE-2023-20579

ImproperAccess Control in the AMD SPI protection feature may allow a user with Ring0(kernel mode) privileged access to bypass protections potentially resulting inloss of integrity and availability.

6CVSS6.7AI score0.00005EPSS
CVE
CVE
added 2023/11/14 7:15 p.m.60 views

CVE-2023-20521

TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.

5.7CVSS6.1AI score0.00037EPSS
CVE
CVE
added 2024/08/13 5:15 p.m.58 views

CVE-2022-23815

Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution.

8.2CVSS8AI score0.00031EPSS
CVE
CVE
added 2023/08/08 6:15 p.m.54 views

CVE-2023-20555

Insufficient input validation inCpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwritingan arbitrary bit in an attacker-controlled pointer potentially leading toarbitrary code execution in SMM.

7.8CVSS7.7AI score0.00041EPSS
CVE
CVE
added 2024/08/13 5:15 p.m.47 views

CVE-2021-26367

A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability.

6CVSS7.2AI score0.00022EPSS