Products
UNKNOWN
AMD Platform Security Processor (PSP)
Source
psirt@huawei.com
Tags
CVE-2023-52712 details
Published : May 28, 2024, 7:15 a.m.
Last Modified : May 28, 2024, 12:39 p.m.
Last Modified : May 28, 2024, 12:39 p.m.
Description
Various Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to bypass the protections that have been put in place by previous UEFI phases to prevent direct access to the SPI flash. The second issue can be used to both leak and corrupt SMM memory, thus potentially leading code execution in SMM
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7.8 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
CVSS Data
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
7.8
Exploitability Score
Impact Score
Base Severity
HIGH
Vector String : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References
URL | Source |
---|---|
https://www.huawei.com/en/psirt/security-advisories/2024/huawei-sa-iiacviahpp-71ce77ee-en | psirt@huawei.com |
This website uses the NVD API, but is not approved or certified by it.