🚨 CVE-2021-26387
Insufficient access controls in ASP kernel may allow a
privileged attacker with access to AMD signing keys and the BIOS menu or UEFI
shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity.
🎖@cveNotify
Insufficient access controls in ASP kernel may allow a
privileged attacker with access to AMD signing keys and the BIOS menu or UEFI
shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity.
🎖@cveNotify
AMD
AMD Server Vulnerabilities – August 2024
🚨 CVE-2021-46746
Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing
keys to c006Frrupt the return address, causing a
stack-based buffer overrun, potentially leading to a denial of service.
🎖@cveNotify
Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing
keys to c006Frrupt the return address, causing a
stack-based buffer overrun, potentially leading to a denial of service.
🎖@cveNotify
AMD
AMD Server Vulnerabilities – August 2024
🚨 CVE-2021-46772
Insufficient input validation in the ABL may allow a privileged
attacker with access to the BIOS menu or UEFI shell to tamper with the
structure headers in SPI ROM causing an out of bounds memory read and write,
potentially resulting in memory corruption or denial of service.
🎖@cveNotify
Insufficient input validation in the ABL may allow a privileged
attacker with access to the BIOS menu or UEFI shell to tamper with the
structure headers in SPI ROM causing an out of bounds memory read and write,
potentially resulting in memory corruption or denial of service.
🎖@cveNotify
AMD
AMD Server Vulnerabilities – August 2024
🚨 CVE-2022-23815
Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution.
🎖@cveNotify
Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution.
🎖@cveNotify
AMD
Client Vulnerabilities – Aug 2024
🚨 CVE-2022-23817
Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space, potentially leading to privilege escalation.
🎖@cveNotify
Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space, potentially leading to privilege escalation.
🎖@cveNotify
AMD
Client Vulnerabilities – Aug 2024
🚨 CVE-2023-20509
An insufficient DRAM address validation in PMFW may allow a privileged attacker to perform a DMA read from an invalid DRAM address to SRAM, potentially resulting in loss of data integrity.
🎖@cveNotify
An insufficient DRAM address validation in PMFW may allow a privileged attacker to perform a DMA read from an invalid DRAM address to SRAM, potentially resulting in loss of data integrity.
🎖@cveNotify
AMD
AMD Graphics Driver Vulnerabilities – August 2024
🚨 CVE-2023-20510
An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service.
🎖@cveNotify
An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service.
🎖@cveNotify
AMD
AMD Graphics Driver Vulnerabilities – August 2024
🚨 CVE-2023-20512
A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key, potentially resulting in internal debug information leakage.
🎖@cveNotify
A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key, potentially resulting in internal debug information leakage.
🎖@cveNotify
AMD
AMD Graphics Driver Vulnerabilities – August 2024
🚨 CVE-2023-20513
An insufficient bounds check in PMFW (Power Management Firmware) may allow an attacker to utilize a malicious VF (virtualization function) to send a malformed message, potentially resulting in a denial of service.
🎖@cveNotify
An insufficient bounds check in PMFW (Power Management Firmware) may allow an attacker to utilize a malicious VF (virtualization function) to send a malformed message, potentially resulting in a denial of service.
🎖@cveNotify
AMD
AMD Graphics Driver Vulnerabilities – August 2024
🚨 CVE-2023-20518
Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.
🎖@cveNotify
Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.
🎖@cveNotify
AMD
AMD Server Vulnerabilities – August 2024
🚨 CVE-2023-20578
A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow
an attacker with ring0 privileges and access to the
BIOS menu or UEFI shell to modify the communications buffer potentially
resulting in arbitrary code execution.
🎖@cveNotify
A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow
an attacker with ring0 privileges and access to the
BIOS menu or UEFI shell to modify the communications buffer potentially
resulting in arbitrary code execution.
🎖@cveNotify
AMD
AMD Server Vulnerabilities – August 2024
🚨 CVE-2023-20584
IOMMU improperly handles certain special address
ranges with invalid device table entries (DTEs), which may allow an attacker
with privileges and a compromised Hypervisor to
induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a
loss of guest integrity.
🎖@cveNotify
IOMMU improperly handles certain special address
ranges with invalid device table entries (DTEs), which may allow an attacker
with privileges and a compromised Hypervisor to
induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a
loss of guest integrity.
🎖@cveNotify
AMD
AMD Server Vulnerabilities – August 2024
🚨 CVE-2023-20591
Improper re-initialization of IOMMU during the DRTM event
may permit an untrusted platform configuration to persist, allowing an attacker
to read or modify hypervisor memory, potentially resulting in loss of
confidentiality, integrity, and availability.
🎖@cveNotify
Improper re-initialization of IOMMU during the DRTM event
may permit an untrusted platform configuration to persist, allowing an attacker
to read or modify hypervisor memory, potentially resulting in loss of
confidentiality, integrity, and availability.
🎖@cveNotify
AMD
AMD Server Vulnerabilities – August 2024
🚨 CVE-2023-31304
Improper input validation in SMU may allow an attacker with privileges and a compromised physical function (PF) to modify the PCIe® lane count and speed, potentially leading to a loss of availability.
🎖@cveNotify
Improper input validation in SMU may allow an attacker with privileges and a compromised physical function (PF) to modify the PCIe® lane count and speed, potentially leading to a loss of availability.
🎖@cveNotify
AMD
AMD Graphics Driver Vulnerabilities – August 2024
🚨 CVE-2024-20082
In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01182594; Issue ID: MSV-1529.
🎖@cveNotify
In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01182594; Issue ID: MSV-1529.
🎖@cveNotify
MediaTek
August 2024
🚨 CVE-2024-20083
In venc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08810810 / ALPS08805789; Issue ID: MSV-1502.
🎖@cveNotify
In venc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08810810 / ALPS08805789; Issue ID: MSV-1502.
🎖@cveNotify
MediaTek
August 2024
🚨 CVE-2024-36136
An off-by-one error in WLInfoRailService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS.
🎖@cveNotify
An off-by-one error in WLInfoRailService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS.
🎖@cveNotify
Ivanti
Security Advisory Ivanti Avalanche 6.4.4 (CVE-2024-38652, CVE-2024-38653, CVE-2024-36136, CVE-2024-37399, CVE-2024-37373)
<p>Ivanti has released updates for Ivanti Avalanche, in version 6.4.4, which addresses high severity vulnerabilities. </p>
<p>We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. </p>
<p>Vulnerability Details: </p>…
<p>We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. </p>
<p>Vulnerability Details: </p>…
🚨 CVE-2024-37373
Improper input validation in the Central Filestore in Ivanti Avalanche 6.3.1 allows a remote authenticated attacker with admin rights to achieve RCE.
🎖@cveNotify
Improper input validation in the Central Filestore in Ivanti Avalanche 6.3.1 allows a remote authenticated attacker with admin rights to achieve RCE.
🎖@cveNotify
Ivanti
Security Advisory Ivanti Avalanche 6.4.4 (CVE-2024-38652, CVE-2024-38653, CVE-2024-36136, CVE-2024-37399, CVE-2024-37373)
<p>Ivanti has released updates for Ivanti Avalanche, in version 6.4.4, which addresses high severity vulnerabilities. </p>
<p>We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. </p>
<p>Vulnerability Details: </p>…
<p>We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. </p>
<p>Vulnerability Details: </p>…
🚨 CVE-2024-37399
A NULL pointer dereference in WLAvalancheService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS.
🎖@cveNotify
A NULL pointer dereference in WLAvalancheService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS.
🎖@cveNotify
Ivanti
Security Advisory Ivanti Avalanche 6.4.4 (CVE-2024-38652, CVE-2024-38653, CVE-2024-36136, CVE-2024-37399, CVE-2024-37373)
<p>Ivanti has released updates for Ivanti Avalanche, in version 6.4.4, which addresses high severity vulnerabilities. </p>
<p>We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. </p>
<p>Vulnerability Details: </p>…
<p>We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. </p>
<p>Vulnerability Details: </p>…
🚨 CVE-2024-38652
Path traversal in the skin management component of Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to achieve denial of service via arbitrary file deletion.
🎖@cveNotify
Path traversal in the skin management component of Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to achieve denial of service via arbitrary file deletion.
🎖@cveNotify
Ivanti
Security Advisory Ivanti Avalanche 6.4.4 (CVE-2024-38652, CVE-2024-38653, CVE-2024-36136, CVE-2024-37399, CVE-2024-37373)
<p>Ivanti has released updates for Ivanti Avalanche, in version 6.4.4, which addresses high severity vulnerabilities. </p>
<p>We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. </p>
<p>Vulnerability Details: </p>…
<p>We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. </p>
<p>Vulnerability Details: </p>…
🚨 CVE-2024-7728
The specific CGI of the CAYIN Technology CMS does not properly validate user input, allowing a remote attacker with administrator privileges to inject OS commands into the specific parameter and execute them on the remote server.
🎖@cveNotify
The specific CGI of the CAYIN Technology CMS does not properly validate user input, allowing a remote attacker with administrator privileges to inject OS commands into the specific parameter and execute them on the remote server.
🎖@cveNotify