Insufficient Input Validation in AMD Software Management Utility
CVE-2021-46763

7.5HIGH

Key Information:

Vendor
Amd
Vendor
CVE Published:
9 May 2023

Summary

The Software Management Utility from AMD suffers from insufficient input validation, which could allow a malicious actor to manipulate shared memory buffers. This may lead to writing beyond intended memory boundaries, increasing the risk of data integrity compromise and potential execution of unauthorized code.

Affected Version(s)

2nd Gen AMD EPYC™ x86 various

3rd Gen AMD EPYC™ x86 various

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.