Vulnerabilities > AMD > Ryzen 5 3500 Firmware > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-08 | CVE-2023-20589 | Unspecified vulnerability in AMD products An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially leading to arbitrary code execution. low complexity amd | 6.8 |
2023-07-24 | CVE-2023-20593 | An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. | 5.5 |
2023-05-09 | CVE-2021-26354 | Classic Buffer Overflow vulnerability in AMD products Insufficient bounds checking in ASP may allow an attacker to issue a system call from a compromised ABL which may cause arbitrary memory values to be initialized to zero, potentially leading to a loss of integrity. | 5.5 |
2023-05-09 | CVE-2021-26371 | Unspecified vulnerability in AMD products A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memory to userspace, potentially leading to information disclosure. | 5.5 |
2023-03-01 | CVE-2022-27672 | Unspecified vulnerability in AMD products When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure. | 4.7 |
2023-01-11 | CVE-2021-26346 | Integer Overflow or Wraparound vulnerability in AMD products Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service. | 5.5 |