Description
Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM.
Related CPE's
o
amd
ryzen_3_3300_firmware
h
amd
ryzen_3_3300
o
amd
ryzen_3_3300x_firmware
h
amd
ryzen_3_3300x
o
amd
ryzen_5_3600_firmware
h
amd
ryzen_5_3600
o
amd
ryzen_5_3600x_firmware
h
amd
ryzen_5_3600x
o
amd
ryzen_7_3700_firmware
h
amd
ryzen_7_3700
o
amd
ryzen_7_3700x_firmware
h
amd
ryzen_7_3700x
o
amd
ryzen_9_3800x_firmware
h
amd
ryzen_9_3800x
o
amd
ryzen_9_3850x_firmware
h
amd
ryzen_9_3850x
o
amd
athlon_pro_300ge_firmware
h
amd
athlon_pro_300ge
o
amd
athlon_gold_3150ge_firmware
h
amd
athlon_gold_3150ge
o
amd
athlon_gold_pro_3150ge_firmware
h
amd
athlon_gold_pro_3150ge
o
amd
athlon_gold_3150g_firmware
h
amd
athlon_gold_3150g
o
amd
athlon_gold_pro_3150g_firmware
h
amd
athlon_gold_pro_3150g
CVSS impact metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 · High
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2023-08-08T18:15:11.173
1 year agoLast modified
2023-08-21T16:56:48.850
1 year ago