Latest amd ryzen 5 5500h Vulnerabilities

CVE-2023-20596
Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution.
Amd Ryzen 7 5700g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 7 5700g
Amd Ryzen 7 5700ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 7 5700ge
Amd Ryzen 5 5600g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 5 5600g
and 122 more
CVE-2023-20571
A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation.
Microsoft Windows 10<comboam4v2_1.2.0.b
Microsoft Windows 10
Amd Ryzen 3 5300g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300g
Amd Ryzen 3 5300ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300ge
and 138 more
CVE-2023-20565
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
Microsoft Windows 10<comboam4v2_1.2.0.b
Microsoft Windows 10
Amd Ryzen 3 5300g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300g
Amd Ryzen 3 5300ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300ge
and 136 more
CVE-2023-20563
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
Microsoft Windows 10<comboam4v2_1.2.0.b
Microsoft Windows 10
Amd Ryzen 3 5300g Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300g
Amd Ryzen 3 5300ge Firmware<comboam4v2_1.2.0.b
Amd Ryzen 3 5300ge
and 136 more
CVE-2022-23821
Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution.
Amd Ryzen 9 3900 Firmware=comboam4_pi_1.0.0.9
Amd Ryzen 9 3900 Firmware=comboam4_v2_pi_1.2.0.8
Amd Ryzen 9 3900
Amd Ryzen 9 3900x Firmware=comboam4_pi_1.0.0.9
Amd Ryzen 9 3900x Firmware=comboam4_v2_pi_1.2.0.8
Amd Ryzen 9 3900x
and 230 more
CVE-2021-46758
Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availa...
Amd Ryzen 7 5700g Firmware<comboam4v2_pi_1.2.0.8
Amd Ryzen 7 5700g
Amd Ryzen 7 5700ge Firmware<comboam4v2_pi_1.2.0.8
Amd Ryzen 7 5700ge
Amd Ryzen 5 5600g Firmware<comboam4v2_pi_1.2.0.8
Amd Ryzen 5 5600g
and 116 more
CVE-2022-23820
Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution.
Amd Ryzen 9 3900 Firmware=comboam4_pi_1.0.0.9
Amd Ryzen 9 3900 Firmware=comboam4_v2_pi_1.2.0.8
Amd Ryzen 9 3900
Amd Ryzen 9 3900x Firmware=comboam4_pi_1.0.0.9
Amd Ryzen 9 3900x Firmware=comboam4_v2_pi_1.2.0.8
Amd Ryzen 9 3900x
and 224 more
CVE-2023-31320
Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in denial of service.
AMD Radeon Software<23.7.1
Amd Radeon Rx 5300
Amd Radeon Rx 5300 Xt
Amd Radeon Rx 5300m
Amd Radeon Rx 5500
Amd Radeon Rx 5500 Xt
and 110 more
CVE-2023-20568
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature potent...
Intel Radeon Rx Vega M Firmware<23.10.01.46
Intel Core I5-8305g
Intel Core I7-8705g
Intel Core I7-8706g
Intel Core I7-8709g
Intel Nuc 8 Enthusiast Nuc8i7hnkqc
and 120 more
CVE-2023-20567
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature p...
Intel Radeon Rx Vega M Firmware<23.10.01.46
Intel Core I5-8305g
Intel Core I7-8705g
Intel Core I7-8706g
Intel Core I7-8709g
Intel Nuc 8 Enthusiast Nuc8i7hnkqc
and 120 more
CVE-2021-46748
Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential d...
Intel Radeon Rx Vega M Firmware<23.10.01.46
Intel Core I5-8305g
Intel Core I7-8705g
Intel Core I7-8706g
Intel Core I7-8709g
Intel Nuc 8 Enthusiast Nuc8i7hnkqc
and 120 more
CVE-2023-39281
A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase.
Insyde InsydeH2O=05.45.24.0039
Intel B760
Intel C262
Intel C266
Intel Core I3-1305u
Intel Core I3-13100
and 283 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203