Skip to main content

Ryzen 9 7900X3D Firmware

6 CVEs product

Monthly

CVE-2023-20596 CRITICAL Act Now

Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Ryzen 7 5700G Firmware Ryzen 7 5700Ge Firmware Ryzen 5 5600G Firmware Ryzen 5 5600Ge Firmware +60
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-20571 HIGH This Week

A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Privilege Escalation Ryzen 3 5100 Firmware Ryzen 3 5300G Firmware Ryzen 3 5300Ge Firmware +68
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2023-20565 HIGH This Week

Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Ryzen 3 5100 Firmware Ryzen 3 5300G Firmware Ryzen 3 5300Ge Firmware Ryzen 5 5500 Firmware +67
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-20563 HIGH This Week

Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Ryzen 3 5100 Firmware Ryzen 3 5300G Firmware Ryzen 3 5300Ge Firmware Ryzen 5 5500 Firmware +67
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-20569 MEDIUM POC This Month

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. Rated medium severity (CVSS 4.7). Public exploit code available and no vendor patch available.

Amd Information Disclosure Fedora Debian Linux Ryzen 9 5950X Firmware +152
NVD
CVSS 3.1
4.7
EPSS
6.2%
CVE-2023-20555 HIGH This Week

Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Ryzen 3 3300 Firmware Ryzen 3 3300X Firmware +117
NVD
CVSS 3.1
7.8
EPSS
0.3%
EPSS 1% CVSS 9.8
CRITICAL Act Now

Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Ryzen 7 5700G Firmware Ryzen 7 5700Ge Firmware +62
NVD
EPSS 0% CVSS 8.1
HIGH This Week

A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Privilege Escalation Ryzen 3 5100 Firmware +70
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Ryzen 3 5100 Firmware Ryzen 3 5300G Firmware +69
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Ryzen 3 5100 Firmware Ryzen 3 5300G Firmware +69
NVD
EPSS 6% CVSS 4.7
MEDIUM POC This Month

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. Rated medium severity (CVSS 4.7). Public exploit code available and no vendor patch available.

Amd Information Disclosure Fedora +154
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +119
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy