Ryzen 5 5560u Firmware Security Vulnerabilities and Issues — Ryzen 5 5560u Firmware CVE List

Lucene search

AmdRyzen 5 5560u Firmware

13 matches found

CVE•added 2023/01/11 8:15 a.m.•110 views

CVE-2021-26316

Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution.

7.8CVSS8AI score0.00075EPSS

CVE•added 2022/05/12 6:16 p.m.•87 views

CVE-2021-26366

An attacker, who gained elevated privileges via some other vulnerability, may be able to read data from Boot ROM resulting in a loss of system integrity.

7.1CVSS7.1AI score0.00139EPSS

CVE•added 2022/05/12 7:15 p.m.•84 views

CVE-2021-26386

A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call to the Stage 2 Bootloader potentially leading to corrupt memory and code execution.

7.8CVSS8AI score0.00206EPSS

CVE•added 2022/05/12 7:15 p.m.•83 views

CVE-2021-26317

Failure to verify the protocol in SMM may allow an attacker to control the protocol and modify SPI flash resulting in a potential arbitrary code execution.

7.8CVSS8.1AI score0.00206EPSS

CVE•added 2022/05/12 6:16 p.m.•80 views

CVE-2021-26362

A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call which results in mapping sensitive System Management Network (SMN) registers leading to a loss of integrity and availability.

7.1CVSS7.2AI score0.00135EPSS

CVE•added 2022/11/09 9:15 p.m.•77 views

CVE-2020-12930

Improper parameters handling in AMD Secure Processor (ASP) drivers may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.

7.8CVSS7.5AI score0.0008EPSS

CVE•added 2022/07/14 8:15 p.m.•76 views

CVE-2021-26384

A malformed SMI (System Management Interface) command may allow an attacker to establish a corrupted SMI Trigger Info data structure, potentially leading to out-of-bounds memory reads and writes when triggering an SMI resulting in a potential loss of resources.

7.8CVSS7.9AI score0.00145EPSS

CVE•added 2022/11/09 9:15 p.m.•69 views

CVE-2020-12931

Improper parameters handling in the AMD Secure Processor (ASP) kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.

7.8CVSS7.3AI score0.0008EPSS

CVE•added 2022/11/09 9:15 p.m.•65 views

CVE-2021-26392

Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a malicious TA.

7.8CVSS8.1AI score0.001EPSS

CVE•added 2023/11/14 7:15 p.m.•65 views

CVE-2023-20563

Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.

7.8CVSS8.7AI score0.00144EPSS

CVE•added 2022/11/09 9:15 p.m.•62 views

CVE-2021-26391

Insufficient verification of multiple header signatures while loading a Trusted Application (TA) may allow an attacker with privileges to gain code execution in that TA or the OS/kernel.

7.8CVSS7.9AI score0.00026EPSS

CVE•added 2023/08/08 6:15 p.m.•54 views

CVE-2023-20555

Insufficient input validation inCpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwritingan arbitrary bit in an attacker-controlled pointer potentially leading toarbitrary code execution in SMM.

7.8CVSS7.7AI score0.00054EPSS

CVE•added 2023/11/14 7:15 p.m.•52 views

CVE-2023-20565

Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.

7.8CVSS8.7AI score0.00144EPSS