Vulnerabilities > AMD > Epyc 7743 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-01-11 CVE-2023-20527 Improper Input Validation vulnerability in AMD products
Improper syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory out-of-bounds, potentially leading to a denial-of-service.
network
low complexity
amd CWE-20
6.5
2023-01-11 CVE-2023-20528 Improper Input Validation vulnerability in AMD products
Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory contents over the I2C bus potentially leading to a loss of confidentiality.
low complexity
amd CWE-20
2.4
2023-01-11 CVE-2023-20529 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in AMD products
Insufficient bound checks in the SMU may allow an attacker to update the from/to address space to an invalid value potentially resulting in a denial of service.
network
low complexity
amd CWE-119
7.5
2023-01-11 CVE-2023-20530 Improper Input Validation vulnerability in AMD products
Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a denial of service.
network
low complexity
amd CWE-20
7.5
2023-01-11 CVE-2023-20531 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in AMD products
Insufficient bound checks in the SMU may allow an attacker to update the SRAM from/to address space to an invalid value potentially resulting in a denial of service.
network
low complexity
amd CWE-119
7.5
2023-01-11 CVE-2023-20532 Improper Input Validation vulnerability in AMD products
Insufficient input validation in the SMU may allow an attacker to improperly lock resources, potentially resulting in a denial of service.
network
low complexity
amd CWE-20
5.3