Persistent platform private key may not be protected with a random IV leading to a potential “two time pad attack”.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NAmd Epyc 7232p
HWAmdwszystkie wersjeAmd Epyc 7232p Firmware
OSAmd< romepi-sp3_1.0.0.cAmd Epyc 7251
HWAmdwszystkie wersjeAmd Epyc 7251 Firmware
OSAmd< naplespi-sp3_1.0.0.gAmd Epyc 7252
HWAmdwszystkie wersjeAmd Epyc 7252 Firmware
OSAmd< romepi-sp3_1.0.0.cAmd Epyc 7261
HWAmdwszystkie wersjeAmd Epyc 7261 Firmware
OSAmd< naplespi-sp3_1.0.0.gAmd Epyc 7262
HWAmdwszystkie wersjeAmd Epyc 7262 Firmware
OSAmd< romepi-sp3_1.0.0.cAmd Epyc 7272
HWAmdwszystkie wersjeAmd Epyc 7272 Firmware
OSAmd< romepi-sp3_1.0.0.cAmd Epyc 7281
HWAmdwszystkie wersjeAmd Epyc 7281 Firmware
OSAmd< naplespi-sp3_1.0.0.gAmd Epyc 7282
HWAmdwszystkie wersjeAmd Epyc 7282 Firmware
OSAmd< romepi-sp3_1.0.0.cAmd Epyc 7301
HWAmdwszystkie wersjeAmd Epyc 7301 Firmware
OSAmd< naplespi-sp3_1.0.0.gAmd Epyc 7302
HWAmdwszystkie wersjeAmd Epyc 7302 Firmware
OSAmd< romepi-sp3_1.0.0.cAmd Epyc 7302p
HWAmdwszystkie wersjeAmd Epyc 7302p Firmware
OSAmd< romepi-sp3_1.0.0.cAmd Epyc 7351
HWAmdwszystkie wersjeAmd Epyc 7351 Firmware
OSAmd< naplespi-sp3_1.0.0.gAmd Epyc 7351p
HWAmdwszystkie wersjeAmd Epyc 7351p Firmware
OSAmd< naplespi-sp3_1.0.0.gAmd Epyc 7352
HWAmdwszystkie wersjeAmd Epyc 7352 Firmware
OSAmd< romepi-sp3_1.0.0.cAmd Epyc 7371
HWAmdwszystkie wersjeAmd Epyc 7371 Firmware
OSAmd< naplespi-sp3_1.0.0.g
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2023-20520CRITICAL9.8ten sam produkt
Improper access control settings in ASP Bootloader may allow an attacker to corrupt the return address causing...
CVE-2021-46756CRITICAL9.1ten sam produkt
Insufficient validation of inputs in SVC_MAP_USER_STACK in the ASP (AMD Secure Processor) bootloader may allow...
CVE-2021-26379CRITICAL9.8ten sam produkt
Insufficient input validation of mailbox data in the SMU may allow an attacker to coerce the SMU to corrupt SM...
CVE-2021-26344HIGH7.2ten sam produkt
An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker ...
CVE-2023-20578HIGH7.5ten sam produkt
A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS...