Skip to main content

Ryzen 3 3350U Firmware

6 CVEs product

Monthly

CVE-2023-20521 MEDIUM This Month

TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required. No vendor patch available.

Denial Of Service Epyc 7001 Firmware Epyc 7251 Firmware Epyc 7261 Firmware Epyc 7281 Firmware +89
NVD
CVSS 3.1
5.7
EPSS
0.3%
CVE-2023-20597 MEDIUM This Month

Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Ryzen 3 3100 Firmware Ryzen 3 3200G Firmware Ryzen 3 3200Ge Firmware +98
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-20594 MEDIUM This Month

Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Epyc 7003 Firmware Epyc 72F3 Firmware Epyc 7313 Firmware +122
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2023-20555 HIGH This Week

Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Ryzen 3 3300 Firmware Ryzen 3 3300X Firmware +117
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-20559 HIGH This Week

Insufficient control flow management in AmdCpmGpioInitSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to escalation of privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Ryzen 7 5700G Firmware Ryzen 7 5700Ge Firmware Ryzen 5 5600G Firmware Ryzen 5 5600Ge Firmware +85
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-20558 HIGH This Week

Insufficient control flow management in AmdCpmOemSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to an escalation of privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Ryzen 7 5700G Firmware Ryzen 7 5700Ge Firmware Ryzen 5 5600G Firmware Ryzen 5 5600Ge Firmware +85
NVD
CVSS 3.1
8.8
EPSS
0.7%
EPSS 0% CVSS 5.7
MEDIUM This Month

TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required. No vendor patch available.

Denial Of Service Epyc 7001 Firmware Epyc 7251 Firmware +91
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Ryzen 3 3100 Firmware +100
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Epyc 7003 Firmware +124
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +119
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Insufficient control flow management in AmdCpmGpioInitSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to escalation of privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Ryzen 7 5700G Firmware Ryzen 7 5700Ge Firmware +87
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Insufficient control flow management in AmdCpmOemSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to an escalation of privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Ryzen 7 5700G Firmware Ryzen 7 5700Ge Firmware +87
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy