CPE Details
Advanced Micro Devices (AMD) Athlon Pro 300ge Firmware
-
2022-02-09
12h35 +00:00
12h35 +00:00
2022-03-03
15h16 +00:00
15h16 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:o:amd:athlon_pro_300ge_firmware:-:*:*:*:*:*:*:*
Informations
Vendor
amdProduct
athlon_pro_300ge_firmwareVersion
-Related CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution. | 8.2 |
Haute |
||
| A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability. | 6 |
Moyen |
||
| TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service. | 5.7 |
Moyen |
||
| Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM. | 7.8 |
Haute |
||
| A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. | 5.5 |
Moyen |
||
| An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially leading to arbitrary code execution. | 6.8 |
Moyen |
||
| When combined with specific software sequences, AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 address bits potentially resulting in data leakage. | 7.5 |
Haute |
2025©
tesweb SA
