Amd Amd Ryzen™ Embedded 5000
12 CVEs affecting Amd Amd Ryzen™ Embedded 5000. Latest disclosed: 2025-06-27. Critical: 0, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-0179 | High | 8.2 | 2025-02-11 | SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow locally authenticated attackers to overwrite SMRAM, potentially resulting in ar… |
CVE-2024-21925 | High | 8.2 | 2025-02-11 | Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution. |
CVE-2023-31345 | High | 7.5 | 2025-02-11 | Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. |
CVE-2023-31343 | High | 7.5 | 2025-02-11 | Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. |
CVE-2023-31342 | High | 7.5 | 2025-02-11 | Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. |
CVE-2023-31315 | High | 7.5 | 2024-08-09 | Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled… |
CVE-2024-36347 | Medium | 6.4 | 2025-06-27 | Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, pot… |
CVE-2023-20515 | Medium | 5.7 | 2025-02-11 | Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integri… |
CVE-2023-20507 | Low | 2.3 | 2025-02-11 | An integer overflow in the ASP could allow a privileged attacker to perform an out-of-bounds write, potentially resulting in loss of data integrity. |
CVE-2021-46757 | | 2024-02-13 | Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address spa… | |
CVE-2023-20597 | | 2023-09-20 | Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. | |
CVE-2021-26392 | | 2022-11-09 | Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain cod… |