7.8
CVE-2021-46757
- EPSS 0.08%
- Veröffentlicht 13.02.2024 20:15:50
- Zuletzt bearbeitet 07.05.2025 22:15:15
- Quelle psirt@amd.com
- Teams Watchlist Login
- Unerledigt Login
Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space potentially leading to privilege escalation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Amd ≫ Ryzen Embedded 5950e Firmware Version < embam4pi_1.0.0.0
Amd ≫ Ryzen Embedded 5900e Firmware Version < embam4pi_1.0.0.0
Amd ≫ Ryzen Embedded 5800e Firmware Version < embam4pi_1.0.0.0
Amd ≫ Ryzen Embedded 5600e Firmware Version < embam4pi_1.0.0.0
Amd ≫ Ryzen Embedded V2516 Firmware Version < embeddedpi-fp6_1.0.0.6
Amd ≫ Ryzen Embedded V2546 Firmware Version < embeddedpi-fp6_1.0.0.6
Amd ≫ Ryzen Embedded V2718 Firmware Version < embeddedpi-fp6_1.0.0.6
Amd ≫ Ryzen Embedded V2748 Firmware Version < embeddedpi-fp6_1.0.0.6
Amd ≫ Ryzen Embedded R2312 Firmware Version < embeddedpi-fp6_1.0.0.6
Amd ≫ Ryzen Embedded R2314 Firmware Version < embeddedpi-fp6_1.0.0.6
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.235 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.