Out of Bounds Write Vulnerability in APCB Firmware Could Lead to Arbitrary Code Execution
CVE-2022-23815
7.5HIGH
Key Information
- Vendor
- Amd
- Status
- Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics
- Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics
- Amd Ryzen™ 3000 Series Mobile Processor With Radeon™ Graphics
- Amd Ryzentm Embedded R1000
- Vendor
- CVE Published:
- 13 August 2024
Summary
Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution.
Affected Version(s)
AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics <= various
AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics <= PicassoPI-FP5 1.0.0.F
AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics <= PollockPI-FT5 1.0.0.5
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database