cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-20578,https://securityvulnerability.io/vulnerability/CVE-2023-20578,Attackers Can Modify Communications Buffer for Arbitrary Code Execution,"A vulnerability exists in the AMD BIOS stemming from a Time-of-Check Time-of-Use (TOCTOU) issue. This flaw can be exploited by attackers who have ring0 privileges and access to critical system components such as the BIOS menu or UEFI shell. By leveraging this vulnerability, an attacker could potentially alter the communications buffer, leading to the execution of arbitrary code. This capability raises significant security concerns as it may allow unauthorized access and control over affected systems.",Amd,"Amd Epyc™ 7001 Processors,Amd Epyc™ 7002 Processors,Amd Epyc™ 7003 Processors,Amd Epyc™ 9004 Processors,Amd Ryzen™ 7000 Series Desktop Processors,Amd Ryzen™ Threadripper™ Pro 5000wx Processors,Amd Ryzen™ 7020 Series Processors With Radeon™ Graphics,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics,Amd Epyc™ Embedded 3000,Amd Epyc™ Embedded 7002,Amd Epyc™ Embedded 7003,Amd Epyc™ Embedded 9003,Amd Ryzen™ Embedded 7000,Amd Ryzentm Embedded V3000",6.4,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-08-13T16:52:58.457Z,0
CVE-2023-20518,https://securityvulnerability.io/vulnerability/CVE-2023-20518,Potential Loss of Confidentiality Due to Incomplete BIOS Menu or UEFI Shell Cleanup,"A vulnerability exists in AMD's Advanced Security Platform due to incomplete cleanup processes. This flaw allows a privileged attacker, who has access to the BIOS menu or UEFI shell, to potentially expose the Master Encryption Key (MEK). The risk of memory exfiltration associated with this vulnerability may lead to a significant loss of confidentiality, allowing unauthorized access to sensitive information. Organizations using affected AMD products are urged to review their security measures and apply any available patches to mitigate the risks.",Amd,"Amd Epyc™ 9004 Series Processors,Amd Ryzen™ 3000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics,Amd Ryzen™ 7000 Series Desktop Processors,Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ Threadripper™ 3000 Series Processors,Amd Ryzen™ Threadripper™ Pro 3000wx Series Processors,Amd Ryzen™ Threadripper™ Pro 5000wx Processors,Amd Athlon™ 3000 Series Mobile  Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics,Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 7020 Series Processors With Radeon™ Graphics,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Processors With Radeon™ Graphics,Amd Ryzen™ Embedded R1000 Series Processors,Amd Ryzen™ Embedded R2000 Series Processors,Amd Ryzen™ Embedded 5000 Series Processors,Amd Ryzen™ Embedded 7000 Series Processors,Amd Ryzen™ Embedded V1000 Series Processors,Amd Ryzen™ Embedded V2000 Series Processors,Amd Ryzen™ Embedded V3000 Series Processors",1.9,LOW,0.0004299999854993075,false,false,false,false,,false,false,2024-08-13T16:52:55.976Z,0
CVE-2022-23817,https://securityvulnerability.io/vulnerability/CVE-2022-23817,Potential Privilege Escalation Vulnerability in ASP Secure OS,A security flaw exists in the ASP Secure OS due to insufficient validation of memory buffer operations. This vulnerability permits a malicious Trusted Application (TA) to access and modify the kernel's virtual address space. Such manipulation can result in unauthorized actions allowing the attacker to escalate privileges within the affected environment. The ramifications of this vulnerability underscore the necessity for robust security measures and timely updates to the affected systems.,Amd,"Amd Ryzen™ 3000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics,Amd Ryzen™ 7000 Series Desktop Processors,Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ Threadripper™ 3000 Series Processors,Amd Ryzen™ Threadripper™ Pro 3000wx Series Processors,Amd Ryzen™ Threadripper™ Pro 5000wx Processors,Amd Athlon™ 3000 Series Mobile  Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics,Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7045 Series Mobile Processors,Amd Ryzen™ Embedded R1000 Series Processors,Amd Ryzen™ Embedded R2000 Series Processors,Amd Ryzen™ Embedded 5000 Series Processors,Amd Ryzen™ Embedded 7000 Series Processors,Amd Ryzen™ Embedded V1000 Series Processors,Amd Ryzen™ Embedded V2000 Series Processors,Amd Ryzen™ Embedded V3000 Series Processors",7,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-08-13T16:51:45.468Z,0
CVE-2021-46772,https://securityvulnerability.io/vulnerability/CVE-2021-46772,Tampering with SPI ROM Structure Headers Could Lead to Memory Corruption or Denial of Service,"An input validation flaw within AMD BIOS and UEFI firmware enables a privileged attacker with access to the BIOS menu or UEFI shell to manipulate structure headers in SPI ROM. This manipulation may lead to out-of-bounds memory read and write operations, resulting in potential memory corruption or denial of service. The vulnerability emphasizes the importance of securing access to BIOS settings and implementing stringent input validation measures to mitigate risk.",Amd,"Amd Epyc™ 7002 Series Processors,Amd Epyc™ 7003 Series Processors,Amd Ryzen™ 3000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics,Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ Threadripper™ 3000 Series Processors,Amd Ryzen™ Threadripper™ Pro 3000wx Series Processors,Amd Ryzen™ Threadripper™ Pro 5000wx Processors,Amd Athlon™ 3000 Series Mobile  Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics,Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 7020 Series Processors With Radeon™ Graphics,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Processors With Radeon™ Graphics,Amd Epyc™ Embedded 7002 Series Processors,Amd Epyc™ Embedded 7003 Series Processors,Amd Ryzen™ Embedded R1000 Series Processors,Amd Ryzen™ Embedded R2000 Series Processors,Amd Ryzen™ Embedded 5000 Series Processors,Amd Ryzen™ Embedded V1000 Series Processors,Amd Ryzen™ Embedded V2000 Series Processors,Amd Ryzen™ Embedded V3000 Series Processors",3.9,LOW,0.00044999999227002263,false,false,false,false,,false,false,2024-08-13T16:50:54.016Z,0
CVE-2021-46746,https://securityvulnerability.io/vulnerability/CVE-2021-46746,Potential Security Vulnerability in TEE Could Lead to Denial of Service,"A vulnerability exists in the ASP Secure OS Trusted Execution Environment (TEE) due to inadequate stack protection mechanisms. This flaw could be exploited by a privileged attacker who has access to AMD signing keys to manipulate the return address, leading to a stack-based buffer overrun. Such an attack may result in a denial of service, compromising the security and functionality of the affected systems. Organizations using AMD's TEE should implement necessary mitigations to protect against potential exploitation.",Amd,"Amd Epyc™ 7001 Processors,Amd Epyc™ 7002 Processors,Amd Epyc™ 7003 Processors,Amd Epyc™ 9004 Processors,Amd Ryzen™ 3000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics,Amd Ryzen™ 7000 Series Desktop Processors,Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ Threadripper™ 3000 Series Processors,Amd Ryzen™ Threadripper™ Pro 3000wx Series Processors,Amd Ryzen™ Threadripper™ Pro 5000wx Processors,Amd Athlon™ 3000 Series Mobile  Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics,Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 7020 Series Processors With Radeon™ Graphics,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7045 Series Mobile Processors,Amd Epyc™ Embedded 3000 Series Processors,Amd Epyc™ Embedded 7002 Series Processors,Amd Epyc™ Embedded 7003 Series Processors,Amd Epyc™ Embedded 9003 Series Processors,Amd Ryzen™ Embedded R1000 Series Processors,Amd Ryzen™ Embedded R2000 Series Processors,Amd Ryzen™ Embedded 5000 Series Processors,Amd Ryzen™ Embedded 7000 Series Processors,Amd Ryzen™ Embedded V1000 Series Processors,Amd Ryzen™ Embedded V2000 Series Processors,Amd Ryzen™ Embedded V3000 Series Processors",5.2,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-08-13T16:50:51.023Z,0
CVE-2021-26387,https://securityvulnerability.io/vulnerability/CVE-2021-26387,Potential Mapping of DRAM Regions in Protected Areas Could Lead to Loss of Platform Integrity,"An access control vulnerability within the ASP kernel of AMD products can be exploited by an attacker with privileged access. This scenario involves the attacker having access to AMD signing keys and the BIOS menu or UEFI shell. By leveraging this access, the attacker could potentially map DRAM regions in protected areas, which may compromise the integrity of the platform. It highlights a significant concern for users relying on AMD technologies who must ensure proper access controls are enforced to mitigate risks.",Amd,"Amd Epyc™ 7001 Series Processors,Amd Epyc™ 7002 Series Processors,Amd Epyc™ 7003 Series Processors,Amd Epyc™ 9004 Series Processors,Amd Ryzen™ 3000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics,Amd Ryzen™ 7000 Series Desktop Processors,Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ Threadripper™ 3000 Series Processors,Amd Ryzen™ Threadripper™ Pro 3000wx Series Processors,Amd Ryzen™ Threadripper™ Pro 5000wx Processors,Amd Athlon™ 3000 Series Mobile  Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics,Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Processors With Radeon™ Graphics,Amd Epyc™ Embedded 3000 Series Processors,Amd Epyc™ Embedded 7002 Series Processors,Amd Epyc™ Embedded 7003 Series Processors,Amd Epyc™ Embedded 9003 Series Processors,Amd Ryzen™ Embedded R1000 Series Processors,Amd Ryzen™ Embedded R2000 Series Processors,Amd Ryzen™ Embedded 5000 Series Processors,Amd Ryzen™ Embedded V1000 Series Processors,Amd Ryzen™ Embedded V2000 Series Processors,Amd Ryzen™ Embedded V3000 Series Processors",3.9,LOW,0.0004299999854993075,false,false,false,false,,false,false,2024-08-13T16:50:22.151Z,0
CVE-2021-26344,https://securityvulnerability.io/vulnerability/CVE-2021-26344,Potential Vulnerability in AMD PSP1 Configuration Block Could Allow Arbitrary Code Execution,"An out of bounds memory write vulnerability occurs when processing the AMD PSP1 Configuration Block (APCB), which could enable an attacker with necessary access to alter the BIOS image. This flaw could potentially be exploited to modify the APCB block, allowing for arbitrary code execution. Attackers capable of signing the modified BIOS images could leverage this vulnerability, potentially leading to severe security implications.",Amd,"Amd Epyc™ 7001 Series Processors,Amd Epyc™ 7002 Series Processors,Amd Epyc™ 7003 Series Processors,Amd Ryzen™ 3000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics,Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ Threadripper™ 3000 Series Processors,Amd Ryzen™ Threadripper™ Pro 5000wx Processors,Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 7020 Series Processors With Radeon™ Graphics,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Processors With Radeon™ Graphics,Amd Epyc™ Embedded 7002 Series Processors,Amd Epyc™ Embedded 3000 Series Processors,Amd Epyc™ Embedded 7003 Series Processors,Amd Ryzen™ Embedded R1000 Series Processors,Amd Ryzen™ Embedded R2000 Series Processors,Amd Ryzen™ Embedded 5000 Series Processors,Amd Ryzen™ Embedded V1000 Series Processors,Amd Ryzen™ Embedded V2000 Series Processors,Amd Ryzen™ Embedded V3000 Series Processors",8.2,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-08-13T16:49:52.889Z,0
CVE-2023-31315,https://securityvulnerability.io/vulnerability/CVE-2023-31315,Potential vulnerability in MSR could lead to arbitrary code execution,"CVE-2023-31315 is a potential vulnerability in AMD's model specific register (MSR) that could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. The vulnerability affects the majority of AMD processors and has been patched by AMD in the Ryzen 3000 Series desktop processors. It has not been exploited by ransomware groups. Additionally, there are warnings about multiple cloud service provider attacks related to the Black Hat USA conference, and a potential vulnerability in Office that could lead to sensitive data leakage.",Amd,"3rd Gen Amd Epyc™ Processors,1st Gen Amd Epyc™ Processors,2nd Gen Amd Epyc™ Processors,4th Gen Amd Epyc™ Processors,Amd Epyc™ Embedded 3000,Amd Epyc™ Embedded 7002,Amd Epyc™ Embedded 7003,Amd Epyc™ Embedded 9003,Amd Ryzen™ Embedded R1000,Amd Ryzen™ Embedded R2000,Amd Ryzen™ Embedded 5000,Amd Ryzen™ Embedded 7000,Amd Ryzen™ Embedded V1000,Amd Ryzen™ Embedded V2000,Amd Ryzen™ Embedded V3000,Amd Ryzen™ 3000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processors,Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics,Amd Ryzen™ 7000 Series Desktop Processors,Amd Ryzen™ 4000 Series Desktop Processors With Radeon™ Graphics,Amd Ryzen™ Threadripper™ 3000 Series Processors,Amd Ryzen™ Threadripper™ Pro Processors,Amd Ryzen™ Threadripper™ Pro 3000wx Series Processors,Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics,Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 7030 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 7040 Series Mobile Processors With Radeon™ Graphics,Amd Ryzen™ 7045 Series Mobile Processors,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7020 Series Processors With Radeon™ Graphics,Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics,Amd Ryzen™ 8000 Series Processors With Radeon™ Graphics",7.5,HIGH,0.0004299999854993075,false,true,false,false,,false,false,2024-08-12T13:38:00.000Z,0
CVE-2023-20579,https://securityvulnerability.io/vulnerability/CVE-2023-20579,Potential Bypass of Integrity and Availability Protections in AMD SPI Protection Feature,"The vulnerability in AMD's SPI protection feature is associated with improper access controls that may enable a user with Ring0 (kernel mode) privileges to bypass security measures. This bypass could lead to significant risks, including potential loss of data integrity and system availability. Affected users should remain vigilant and apply recommended security updates as outlined in vendor advisories.",AMD,"AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics  ,AMD Ryzen™ 7000 Series Desktop Processor ,AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics ,AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics ,AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics ,AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics,AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics ,AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics ,AMD Ryzen™ 7045 Series Mobile Processors ,AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics ,AMD Ryzen™ Embedded V2000,AMD Ryzen™ Embedded V3000,AMD Ryzen™ 7035 Series Mobile Processors with Radeon™ Graphics ,AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics",6,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-02-13T19:32:11.904Z,0
CVE-2023-20565,https://securityvulnerability.io/vulnerability/CVE-2023-20565,Insufficient Protections in SMM Code in AMD Products,"The identified vulnerability arises from inadequate protections within the System Management Mode (SMM) code utilized by AMD products. This security flaw could potentially be exploited by attackers with local access, enabling them to elevate their privileges on the affected system. It is crucial for users and administrators to be aware of this issue and to follow best practices for securing their environments against possible exploitation.",AMD,"Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics  “Cezanne”,Ryzen™ 7000 Series Desktop Processors “Raphael” XD3,AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics ""Rembrandt"",AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics “Rembrandt-R”,AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics  “Barcelo”,AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics “Barcelo-R”, Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics “Phoenix” FP7/FP7r2/FP8,AMD Ryzen™ Embedded V3000",7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2023-11-14T19:15:00.000Z,0
CVE-2023-20571,https://securityvulnerability.io/vulnerability/CVE-2023-20571,Race Condition Vulnerability in System Management Mode Affecting AMD Products,"A race condition vulnerability exists in the System Management Mode (SMM) code of various AMD processors. An attacker with access to a compromised user space can exploit this vulnerability in conjunction with CVE-2018-8897, potentially leading to privilege escalation. This may allow the attacker to gain higher access levels within the system, making it crucial for users to apply the necessary security updates to mitigate the risks associated with this vulnerability.",AMD,"Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics  “Cezanne”,Ryzen™ 7000 Series Desktop Processors “Raphael” XD3,Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne”,AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics ""Rembrandt"",AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics “Rembrandt-R”,AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics  “Barcelo”,AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics “Barcelo-R”, Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics “Phoenix” FP7/FP7r2/FP8",8.1,HIGH,0.0017000000225380063,false,false,false,false,,false,false,2023-11-14T19:15:00.000Z,0
CVE-2023-20563,https://securityvulnerability.io/vulnerability/CVE-2023-20563,Insufficient Protections in System Management Mode Affects AMD Products,"The identified vulnerability arises from inadequate security measures in the System Management Mode (SMM) code of AMD processors. This oversight may permit attackers with local access to escalate their privileges, potentially compromising system integrity. To mitigate risks, users are advised to apply the latest patches and follow guidelines provided by AMD to enhance their security posture against such exploitation.",Amd,"Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics  “cezanne”,Ryzen™ 7000 Series Desktop Processors “raphael” Xd3,Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “cezanne”,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics ""rembrandt"",Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics “rembrandt-r”,Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics  “barcelo”,Amd Ryzen™ 7030 Series Mobile Processors With Radeon™ Graphics “barcelo-r”,Ryzen™ 7040 Series Mobile Processors With Radeon™ Graphics “phoenix” Fp7/fp7r2/fp8,Amd Ryzen™  Embedded R1000,Amd Ryzen™  Embedded R2000,Amd Ryzen™  Embedded 5000,Amd Ryzen™  Embedded V3000",7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2023-11-14T19:15:00.000Z,0
CVE-2023-20596,https://securityvulnerability.io/vulnerability/CVE-2023-20596,Improper Input Validation in AMD Products May Lead to Arbitrary Code Execution,"An improper input validation issue within the SMM Supervisor component may allow an attacker with a compromised SMI handler to gain Ring0 access. This elevated access level can potentially lead to arbitrary code execution within the system, posing significant risks to overall system integrity and security. Users and administrators should remain vigilant and apply the latest security updates to mitigate this vulnerability.",AMD,"Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Formerly codenamed “Cezanne” AM4,Ryzen™ 7000 Series  Desktop Processors  with Radeon™ Graphics Formerly codenamed “Raphael”,Ryzen™ 7000 Series Desktop Processors with Radeon™ Graphics Formerly codenamed “Raphael” X3D,Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne”,AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics ""Rembrandt"",AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics “Rembrandt-R”,Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Formerly codenamed “Phoenix”",9.8,CRITICAL,0.0024900001008063555,false,false,false,false,,false,false,2023-11-14T19:15:00.000Z,0
CVE-2022-23821,https://securityvulnerability.io/vulnerability/CVE-2022-23821,Improper Access Control Vulnerability in AMD System Management Mode,"This vulnerability involves improper access control within System Management Mode (SMM), which may permit an attacker to write to the Serial Peripheral Interface (SPI) ROM. Exploitation of this vulnerability could potentially lead to arbitrary code execution, posing significant security risks to affected systems. It is crucial for users and administrators of AMD platforms to be aware of this issue and implement necessary security measures to safeguard their environments.",Amd,"Ryzen™ 3000 Series Desktop Processors “matisse”,Ryzen™ 5000 Series Desktop Processors “vermeer”,Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics  “cezanne”,Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics “picasso” Am4,Ryzen™ Threadripper™ 2000 Series Processors “colfax”,Ryzen™ Threadripper™ 3000 Series Processors “castle Peak” Hedt,Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws Sp3,Ryzen™ Threadripper™ Pro 3000wx Series Processors  “chagall” Ws,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics “dali”/”dali” Fp5,Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics   “pollock”,Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics “picasso” Fp5,Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics “renoir” Fp6,Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “lucienne”,Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “cezanne”,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics ""rembrandt"",Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics “rembrandt-r”,Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics  “barcelo”,Amd Ryzen™ 7030 Series Mobile Processors With Radeon™ Graphics “barcelo-r”,Amd Ryzen™  Embedded R1000,Amd Ryzen™  Embedded R2000,Amd Ryzen™  Embedded 5000,Amd Ryzen™  Embedded V1000,Amd Ryzen™  Embedded V2000,Amd Ryzen™  Embedded V3000",9.8,CRITICAL,0.0028200000524520874,false,false,false,false,,false,false,2023-11-14T18:54:32.952Z,0
CVE-2021-46758,https://securityvulnerability.io/vulnerability/CVE-2021-46758,,"Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and integrity.








",Amd,"Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics  “cezanne”,Ryzen™ 7000 Series Desktop Processors “raphael” Xd3,Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics “renoir” Fp6,Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “lucienne”,Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “cezanne”,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics ""rembrandt"",Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics “rembrandt-r”,Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics  “barcelo”,Amd Ryzen™ 7030 Series Mobile Processors With Radeon™ Graphics “barcelo-r”",6.1,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2023-11-14T18:54:25.467Z,0
CVE-2022-23820,https://securityvulnerability.io/vulnerability/CVE-2022-23820,Buffer Validation Flaw in AMD Products,"A buffer validation flaw in AMD's SMM communication buffer poses a security risk by allowing potential attackers to corrupt the SMRAM. This vulnerability enables the possibility of executing arbitrary code, which can lead to unauthorized access and manipulation of the system. To mitigate this risk, users are advised to apply the latest security patches from AMD.",Amd,"Ryzen™ 3000 Series Desktop Processors “matisse"",Amd Ryzen™ 5000 Series Desktop Processors “vermeer”,Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics  “cezanne”,Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics “picasso” Am4,Amd Ryzen™ Threadripper™ 2000 Series Processors “colfax”,Amd Ryzen™ Threadripper™ 3000 Series Processors “castle Peak” Hedt,Amd Ryzen™ Threadripper™ Pro Processors “castle Peak” Ws Sp3,Amd Ryzen™ Threadripper™ Pro 3000wx Series Processors  “chagall” Ws,Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics   “pollock”,Amd Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics “picasso” Fp5,Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics “renoir” Fp6,Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “lucienne”,Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics “cezanne”,Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics ""rembrandt"",Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics “rembrandt-r”,Amd Ryzen™ 5000 Series Processors With Radeon™ Graphics  “barcelo”,Amd Ryzen™ 7030 Series Mobile Processors With Radeon™ Graphics “barcelo-r”,3rd Gen Amd Epyc™ Processors,Amd Epyc™ Embedded 7003",7.5,HIGH,0.002240000059828162,false,false,false,false,,false,false,2023-11-14T18:52:21.457Z,0
CVE-2023-20594,https://securityvulnerability.io/vulnerability/CVE-2023-20594,,"
Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.

















",AMD,"Ryzen™ 3000 Series Desktop Processors “Matisse”,Ryzen™ 5000 Series Desktop Processors “Vermeer” ,Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics  “Cezanne” ,Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics “Renoir” AM4,Ryzen™ Threadripper™ 3000 Series Processors “Castle Peak” HEDT,Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS SP3,Ryzen™ Threadripper™ PRO 3000WX Series Processors “Chagall” WS SP3,Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics “Renoir” FP6,Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne” ,Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Cezanne”,Ryzen™ 6000 Series Mobile Processors with Radeon™ Graphics ""Rembrandt"",Ryzen™ 7035 Series Mobile Processors with Radeon™ Graphics ""Rembrandt-R"",Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics ""Barcelo"",Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics “Barcelo-R” ,3rd Gen AMD EPYC™ Processors",4.4,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2023-09-20T18:15:00.000Z,0