Description
Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- AMD / 1st Gen EPYCvarious – various
- AMD / 2nd Gen EPYCVarious – Various
- AMD / 3rd Gen EPYCvarious – various
- AMD / Ryzen™ 2000 Seriesvarious – various
- AMD / Ryzen™ 3000 Seriesvarious – various
- AMD / Ryzen™ 5000 Seriesvarious – various