Insufficient Input Validation in AMD Software Management Utility
CVE-2021-46763
7.5HIGH
Summary
The Software Management Utility from AMD suffers from insufficient input validation, which could allow a malicious actor to manipulate shared memory buffers. This may lead to writing beyond intended memory boundaries, increasing the risk of data integrity compromise and potential execution of unauthorized code.
Affected Version(s)
2nd Gen AMD EPYC™ x86 various
3rd Gen AMD EPYC™ x86 various
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved