Vulnerabilities > AMD > Epyc 7313P Firmware > milanpi.1.0.0.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-11 | CVE-2023-20528 | Improper Input Validation vulnerability in AMD products Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory contents over the I2C bus potentially leading to a loss of confidentiality. | 2.4 |
| 2023-01-11 | CVE-2023-20529 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in AMD products Insufficient bound checks in the SMU may allow an attacker to update the from/to address space to an invalid value potentially resulting in a denial of service. | 7.5 |
| 2023-01-11 | CVE-2023-20530 | Improper Input Validation vulnerability in AMD products Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a denial of service. | 7.5 |
| 2023-01-11 | CVE-2023-20531 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in AMD products Insufficient bound checks in the SMU may allow an attacker to update the SRAM from/to address space to an invalid value potentially resulting in a denial of service. | 7.5 |
| 2023-01-11 | CVE-2023-20532 | Improper Input Validation vulnerability in AMD products Insufficient input validation in the SMU may allow an attacker to improperly lock resources, potentially resulting in a denial of service. | 5.3 |