Ryzen 7 2700u Firmware Security Vulnerabilities and Issues — Ryzen 7 2700u Firmware CVE List

Lucene search

AmdRyzen 7 2700u Firmware

10 matches found

CVE•added 2023/01/11 8:15 a.m.•110 views

CVE-2021-26316

Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution.

7.8CVSS8AI score0.00075EPSS

CVE•added 2022/05/12 6:16 p.m.•87 views

CVE-2021-26366

An attacker, who gained elevated privileges via some other vulnerability, may be able to read data from Boot ROM resulting in a loss of system integrity.

7.1CVSS7.1AI score0.00139EPSS

CVE•added 2022/05/12 7:15 p.m.•84 views

CVE-2021-26386

A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call to the Stage 2 Bootloader potentially leading to corrupt memory and code execution.

7.8CVSS8AI score0.00206EPSS

CVE•added 2022/05/12 7:15 p.m.•83 views

CVE-2021-26317

Failure to verify the protocol in SMM may allow an attacker to control the protocol and modify SPI flash resulting in a potential arbitrary code execution.

7.8CVSS8.1AI score0.00206EPSS

CVE•added 2022/05/12 6:16 p.m.•80 views

CVE-2021-26362

A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call which results in mapping sensitive System Management Network (SMN) registers leading to a loss of integrity and availability.

7.1CVSS7.2AI score0.00135EPSS

CVE•added 2022/11/09 9:15 p.m.•77 views

CVE-2020-12930

Improper parameters handling in AMD Secure Processor (ASP) drivers may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.

7.8CVSS7.5AI score0.00061EPSS

CVE•added 2022/07/14 8:15 p.m.•76 views

CVE-2021-26384

A malformed SMI (System Management Interface) command may allow an attacker to establish a corrupted SMI Trigger Info data structure, potentially leading to out-of-bounds memory reads and writes when triggering an SMI resulting in a potential loss of resources.

7.8CVSS7.9AI score0.00145EPSS

CVE•added 2022/05/12 6:16 p.m.•73 views

CVE-2021-26369

A malicious or compromised UApp or ABL may be used by an attacker to send a malformed system call to the bootloader, resulting in out-of-bounds memory accesses.

7.8CVSS7.8AI score0.00148EPSS

CVE•added 2022/11/09 9:15 p.m.•69 views

CVE-2020-12931

Improper parameters handling in the AMD Secure Processor (ASP) kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.

7.8CVSS7.3AI score0.00061EPSS

CVE•added 2022/11/09 9:15 p.m.•65 views

CVE-2021-26392

Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a malicious TA.

7.8CVSS8.1AI score0.00076EPSS