Potential Privilege Escalation Vulnerability in ASP Secure OS
CVE-2022-23817
7HIGH
Key Information
- Vendor
- Amd
- Status
- Amd Ryzen™ 3000 Series Desktop Processors
- Amd Ryzen™ 5000 Series Desktop Processors
- Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics
- Amd Ryzen™ 7000 Series Desktop Processors
- Vendor
- CVE Published:
- 13 August 2024
Summary
Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space, potentially leading to privilege escalation.
Affected Version(s)
AMD Ryzen™ 3000 Series Desktop Processors <= ComboAM4V1 1.0.0.A/ComboAM4V2 1.2.0.9
AMD Ryzen™ 5000 Series Desktop Processors <= ComboAM4v2 PI 1.2.0.8
AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics <= ComboAM4v2 PI 1.2.0.8
CVSS V3.1
Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database