Out of Bounds Write Vulnerability in APCB Firmware Could Lead to Arbitrary Code Execution

CVE-2022-23815

7.5HIGH

Key Information

Vendor: Amd
Status: Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics; Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics; Amd Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics; Amd Ryzentm Embedded R1000
Vendor: CVE Published:; 13 August 2024

Summary

Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution.

Affected Version(s)

AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics <= various

AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics <= PicassoPI-FP5 1.0.0.F

AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics <= PollockPI-FT5 1.0.0.5

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published.
Aug 13, 2024
Vulnerability Reserved.
Jan 21, 2022

Collectors

NVD DatabaseMitre Database