Vulnerabilities > AMD > Ryzen 5 5600Ge Firmware > cezannepi.fp6.1.0.0.b
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-14 | CVE-2021-46758 | Unspecified vulnerability in AMD products Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and integrity. low complexity amd | 6.1 |
2023-11-14 | CVE-2023-20563 | Improper Privilege Management vulnerability in AMD products Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access. | 7.8 |
2023-11-14 | CVE-2023-20565 | Improper Privilege Management vulnerability in AMD products Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access. | 7.8 |
2023-11-14 | CVE-2023-20571 | Race Condition vulnerability in AMD products A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation. | 8.1 |
2023-11-14 | CVE-2023-20596 | Unspecified vulnerability in AMD products Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution. | 9.8 |
2023-09-20 | CVE-2023-20594 | Improper Initialization vulnerability in AMD products Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. | 4.4 |
2023-09-20 | CVE-2023-20597 | Improper Initialization vulnerability in AMD products Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. | 5.5 |
2023-08-08 | CVE-2023-20569 | Information Exposure Through Discrepancy vulnerability in multiple products A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. | 4.7 |
2023-04-02 | CVE-2023-20558 | Unspecified vulnerability in AMD products Insufficient control flow management in AmdCpmOemSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to an escalation of privileges. | 8.8 |
2023-04-02 | CVE-2023-20559 | Unspecified vulnerability in AMD products Insufficient control flow management in AmdCpmGpioInitSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to escalation of privileges. | 8.8 |