CPE Details
Advanced Micro Devices (AMD) Ryzen 3 3300u Firmware ComboAM4PI 1.0.0.9
comboam4pi_1.0.0.9
2023-09-22
16h08 +00:00
16h08 +00:00
2023-09-22
16h08 +00:00
16h08 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:o:amd:ryzen_3_3300u_firmware:comboam4pi_1.0.0.9:*:*:*:*:*:*:*
Informations
Vendor
amdProduct
ryzen_3_3300u_firmwareVersion
comboam4pi_1.0.0.9Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution. | 8.2 |
High |
||
| A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability. | 6 |
Medium |
||
| TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service. | 5.7 |
Medium |
||
| Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. | 5.5 |
Medium |
||
| Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. | 4.4 |
Medium |
||
| Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM. | 7.8 |
High |
||
| An attacker with root account privileges can load any legitimately signed firmware image into the Audio Co-Processor (ACP,) irrespective of the respective signing key being declared as usable for authenticating an ACP firmware image, potentially resulting in a denial of service. | 4.4 |
Medium |
2025©
tesweb SA
