Advanced Micro Devices (AMD) Ryzen Threadripper Pro 3945WX Firmware CastlepeakPI-SP3R2 1.1.0.8

CPE Details

Advanced Micro Devices (AMD) Ryzen Threadripper Pro 3945WX Firmware CastlepeakPI-SP3R2 1.1.0.8
amd
ryzen_threadripper_pro_3945wx_firmware
castlepeakpi-sp3r2_1.1.0.8
2023-12-07
16h55 +00:00
2023-12-07
16h55 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:amd:ryzen_threadripper_pro_3945wx_firmware:castlepeakpi-sp3r2_1.1.0.8:*:*:*:*:*:*:*

Informations

Vendor

amd

Product

ryzen_threadripper_pro_3945wx_firmware

Version

castlepeakpi-sp3r2_1.1.0.8

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-23821 2023-11-14 18h54 +00:00 Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution.
9.8
Critical
CVE-2022-23820 2023-11-14 18h52 +00:00 Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution.
9.8
Critical
CVE-2021-46766 2023-11-14 18h51 +00:00 Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.
5.5
Medium
CVE-2023-20558 2023-03-23 18h50 +00:00 Insufficient control flow management in AmdCpmOemSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to an escalation of privileges.
8.8
High
CVE-2023-20559 2023-03-23 18h49 +00:00 Insufficient control flow management in AmdCpmGpioInitSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to escalation of privileges.
8.8
High
CVE-2021-26388 2022-05-11 16h29 +00:00 Improper validation of the BIOS directory may allow for searches to read beyond the directory table copy in RAM, exposing out of bounds memory contents, resulting in a potential denial of service.
5.5
Medium
CVE-2021-26376 2022-05-11 16h28 +00:00 Insufficient checks in System Management Unit (SMU) FeatureConfig may result in reenabling features potentially resulting in denial of resources and/or denial of service.
5.5
Medium
CVE-2021-26373 2022-05-11 16h27 +00:00 Insufficient bound checks in the System Management Unit (SMU) may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service.
5.5
Medium
CVE-2021-26378 2022-05-11 16h23 +00:00 Insufficient bound checks in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service.
5.5
Medium
CVE-2021-26375 2022-05-11 16h20 +00:00 Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service.
5.5
Medium
CVE-2021-26339 2022-05-11 16h18 +00:00 A bug in AMD CPU’s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers.
5.5
Medium