Advanced Micro Devices (AMD) Epyc 7642 Firmware Romepi 1.0.0.d

CPE Details

Advanced Micro Devices (AMD) Epyc 7642 Firmware Romepi 1.0.0.d
amd
epyc_7642_firmware
romepi_1.0.0.d
2023-05-18
19h39 +00:00
2023-07-14
13h17 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:amd:epyc_7642_firmware:romepi_1.0.0.d:*:*:*:*:*:*:*

Informations

Vendor

amd

Product

epyc_7642_firmware

Version

romepi_1.0.0.d

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-20578 2024-08-13 16h52 +00:00 A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell to modify the communications buffer potentially resulting in arbitrary code execution.
7.5
High
CVE-2021-26345 2023-11-14 18h53 +00:00 Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.
4.9
Medium
CVE-2021-46774 2023-11-14 18h52 +00:00 Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service.
7.5
High
CVE-2023-20520 2023-05-09 18h36 +00:00 Improper access control settings in ASP Bootloader may allow an attacker to corrupt the return address causing a stack-based buffer overrun potentially leading to arbitrary code execution.
9.8
Critical
CVE-2021-26379 2023-05-09 18h36 +00:00 Insufficient input validation of mailbox data in the SMU may allow an attacker to coerce the SMU to corrupt SMRAM, potentially leading to a loss of integrity and privilege escalation.
9.8
Critical
CVE-2023-20525 2023-01-10 20h57 +00:00 Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the bounds of a mapped register potentially leading to a denial of service.
6.5
Medium