Vulnerabilidades en AMD
443 resultadosCVE-2021-26355MEDIUMInsufficient fencing and checks in System Management Unit (SMU) may result in access to invalid message port registers that could result in EPSS 0.2%CVE-2023-20597—Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.EPSS 0.2%CVE-2025-0014HIGHIncorrect default permissions on the AMD Ryzen(TM) AI installation folder could allow an attacker to achieve privilege escalation, potentialEPSS 0.2%CVE-2021-46768MEDIUMInsufficient input validation in SEV firmware may allow an attacker to perform out-of-bounds memory reads within the ASP boot loader, potentEPSS 0.2%CVE-2025-62625MEDIUMImproper privilege management in the KVM key download component could allow an attacker to swap tokens and download sensitive keys, potentiaEPSS 0.2%CVE-2023-20516LOWImproper handling of insufficiency privileges in the ASP could allow a privileged attacker to modify Translation Map Registers (TMRs) potentEPSS 0.2%CVE-2025-0011LOWImproper removal of sensitive information before storage or transfer in AMD Crash Defender could allow an attacker to obtain kernel address EPSS 0.2%CVE-2023-20582MEDIUMImproper handling of invalid nested page table entries in the IOMMU may allow a privileged attacker to induce page table entry (PTE) faults EPSS 0.2%CVE-2023-20579MEDIUMImproper
Access Control in the AMD SPI protection feature may allow a user with Ring0
(kernel mode) privileged access to bypass protections EPSS 0.2%CVE-2022-23815HIGHImproper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leEPSS 0.2%CVE-2021-26344HIGHAn out of bounds memory write when processing the AMD
PSP1 Configuration Block (APCB) could allow an attacker with access the ability
to modEPSS 0.2%CVE-2021-26315—When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently decrypts an encrypted FW, due to insufficientEPSS 0.2%CVE-2025-48507HIGHThe security state of the calling processor into Trusted Firmware (TF-A) is not used and could potentially allow non-secure processors accesEPSS 0.2%CVE-2023-20601MEDIUMImproper input validation within RAS TA Driver can allow a local attacker to access out-of-bounds memory, potentially resulting in a denial-EPSS 0.2%CVE-2024-36342HIGHImproper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execuEPSS 0.2%CVE-2023-20568—Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeEPSS 0.2%CVE-2023-20567—Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSEPSS 0.2%CVE-2023-31339MEDIUMImproper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform EPSS 0.2%CVE-2024-21953MEDIUMImproper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integriEPSS 0.2%CVE-2024-36324HIGHImproper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitEPSS 0.2%