Vulnerabilities > Amperecomputing

DATE CVE VULNERABILITY TITLE RISK
2023-02-15 CVE-2022-46892 Unspecified vulnerability in Amperecomputing Ampere Altra Firmware and Ampere Altra MAX Firmware
In Ampere AltraMax and Ampere Altra before 2.10c, improper access controls allows the OS to reinitialize a disabled root complex.
network
low complexity
amperecomputing
critical
9.8
2022-09-29 CVE-2022-35888 Information Exposure Through Discrepancy vulnerability in Amperecomputing products
Ampere Altra and Ampere Altra Max devices through 2022-07-15 allow attacks via Hertzbleed, which is a power side-channel attack that extracts secret information from the CPU by correlating the power consumption with data being processed on the system.
network
low complexity
amperecomputing CWE-203
6.5
2022-08-17 CVE-2021-45454 Unspecified vulnerability in Amperecomputing Ampere Altra Firmware and Ampere Altra MAX Firmware
Ampere Altra before SRP 1.08b and Altra Max? before SRP 2.05 allow information disclosure of power telemetry via HWmon.
network
low complexity
amperecomputing
7.5
2022-07-01 CVE-2022-32295 Unspecified vulnerability in Amperecomputing Ampere Altra Firmware and Ampere Altra MAX Firmware
On Ampere Altra and AltraMax devices before SRP 1.09, the Altra reference design of UEFI accesses allows insecure access to SPI-NOR by the OS/hypervisor component.
network
low complexity
amperecomputing
critical
9.8
2022-03-10 CVE-2022-25368 Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. 1.9