Advanced Micro Devices (AMD) Ryzen 3 3250c Firmware ComboAM4PI 1.0.0.9

CPE Details

Advanced Micro Devices (AMD) Ryzen 3 3250c Firmware ComboAM4PI 1.0.0.9
amd
ryzen_3_3250c_firmware
comboam4pi_1.0.0.9
2023-09-22
16h08 +00:00
2023-09-22
16h08 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:amd:ryzen_3_3250c_firmware:comboam4pi_1.0.0.9:*:*:*:*:*:*:*

Informations

Vendor

amd

Product

ryzen_3_3250c_firmware

Version

comboam4pi_1.0.0.9

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-20521 2023-11-14 18h52 +00:00 TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.
5.7
Medium
CVE-2023-20597 2023-09-20 17h32 +00:00 Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
5.5
Medium
CVE-2023-20594 2023-09-20 17h27 +00:00 Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.
4.4
Medium
CVE-2021-26371 2023-05-09 18h59 +00:00 A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memory to userspace, potentially leading to information disclosure.
5.5
Medium
CVE-2021-26365 2023-05-09 18h58 +00:00 Certain size values in firmware binary headers could trigger out of bounds reads during signature validation, leading to denial of service or potentially limited leakage of information about out-of-bounds memory contents.
8.2
High
CVE-2021-26354 2023-05-09 18h58 +00:00 Insufficient bounds checking in ASP may allow an attacker to issue a system call from a compromised ABL which may cause arbitrary memory values to be initialized to zero, potentially leading to a loss of integrity.
5.5
Medium