CVE-2022-23820
Vulnerability Summary
Description
Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution.
CVSS Metrics
- v3.1•HIGH•Score: 7.5•CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
- v3.1•CRITICAL•Score: 9.8•CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Trends
Current EPSS score: 0.15% • Percentile: 35%
Techniques & Countermeasures
- CWE-20•Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Affected Systems
- amd•3rd gen amd epyc™ processors
various
- amd•amd athlon™ 3000 series desktop processors with radeon™ graphics “picasso” am4
various
- amd•amd athlon™ 3000 series mobile processors with radeon™ graphics “pollock”
various
- amd•amd epyc™ embedded 7003
various
- amd•amd ryzen™ 3000 series mobile processor with radeon™ graphics “picasso” fp5
various
- amd•amd ryzen™ 4000 series mobile processors with radeon™ graphics “renoir” fp6
various
- amd•amd ryzen™ 5000 series desktop processor with radeon™ graphics “cezanne”
various
- amd•amd ryzen™ 5000 series desktop processors “vermeer”
various
- amd•amd ryzen™ 5000 series mobile processors with radeon™ graphics “cezanne”
various
- amd•amd ryzen™ 5000 series mobile processors with radeon™ graphics “lucienne”
various
- amd•amd ryzen™ 5000 series processors with radeon™ graphics “barcelo”
various
- amd•amd ryzen™ 6000 series processors with radeon™ graphics "rembrandt"
various
- amd•amd ryzen™ 7030 series mobile processors with radeon™ graphics “barcelo-r”
various
- amd•amd ryzen™ 7035 series processors with radeon™ graphics “rembrandt-r”
various
- amd•amd ryzen™ threadripper™ 2000 series processors “colfax”
Various
- amd•amd ryzen™ threadripper™ 3000 series processors “castle peak” hedt
various
- amd•amd ryzen™ threadripper™ pro 3000wx series processors “chagall” ws
various
- amd•amd ryzen™ threadripper™ pro processors “castle peak” ws sp3
various
- amd•athlon_3015ce_firmware
pollockpi-ft5_1.0.0.5
- amd•athlon_3015e_firmware
pollockpi-ft5_1.0.0.5
- amd•ryzen_3_3100_firmware
comboam4_pi_1.0.0.9 | comboam4_v2_pi_1.2.0.8
- amd•ryzen_3_3300u_firmware
picassopi-fp5_1.0.0.e
- amd•ryzen_3_3300x_firmware
comboam4_pi_1.0.0.9 | comboam4_v2_pi_1.2.0.8
- amd•ryzen_3_3350u_firmware
picassopi-fp5_1.0.0.e
- amd•ryzen_3_4300u_firmware
renoirpi-fp6_1.0.0.9
- amd•ryzen_3_5100_firmware
comboam4v2_pi_1.2.0.8
- amd•ryzen_3_5125c_firmware
cezannepi-fp6_1.0.0.b
- amd•ryzen_3_5400u_firmware
cezannepi-fp6_1.0.0.b
- amd•ryzen_3_5425u_firmware
cezannepi-fp6_1.0.0.b
- amd•ryzen_3_7335u_firmware
rembrandtpi-fp7_1.0.0.2
- amd•ryzen_5_3450u_firmware
picassopi-fp5_1.0.0.e
- amd•ryzen_5_3500_firmware
comboam4_pi_1.0.0.9 | comboam4_v2_pi_1.2.0.8
- amd•ryzen_5_3500c_firmware
picassopi-fp5_1.0.0.e
- amd•ryzen_5_3500u_firmware
picassopi-fp5_1.0.0.e
- amd•ryzen_5_3500x_firmware
comboam4_pi_1.0.0.9 | comboam4_v2_pi_1.2.0.8
- amd•ryzen_5_3550h_firmware
picassopi-fp5_1.0.0.e
- amd•ryzen_5_3580u_firmware
picassopi-fp5_1.0.0.e
- amd•ryzen_5_3600_firmware
comboam4_pi_1.0.0.9 | comboam4_v2_pi_1.2.0.8
- amd•ryzen_5_3600x_firmware
comboam4_pi_1.0.0.9 | comboam4_v2_pi_1.2.0.8
- amd•ryzen_5_3600xt_firmware
comboam4_pi_1.0.0.9 | comboam4_v2_pi_1.2.0.8
- amd•ryzen_5_4500u_firmware
renoirpi-fp6_1.0.0.9
- amd•ryzen_5_4600h_firmware
renoirpi-fp6_1.0.0.9
- amd•ryzen_5_4600hs_firmware
renoirpi-fp6_1.0.0.9
- amd•ryzen_5_4600u_firmware
renoirpi-fp6_1.0.0.9
- amd•ryzen_5_4680u_firmware
renoirpi-fp6_1.0.0.9
- amd•ryzen_5_5500_firmware
comboam4v2_pi_1.2.0.8
- amd•ryzen_5_55003xd_firmware
comboam4v2_pi_1.2.0.8
- amd•ryzen_5_5500h_firmware
cezannepi-fp6_1.0.0.b
- amd•ryzen_5_5500x_firmware
comboam4v2_pi_1.2.0.8
- amd•ryzen_5_5560u_firmware
cezannepi-fp6_1.0.0.b
Showing first 50 affected entries in server-rendered view.