CVE-2022-23815

HIGH

7.5

Description

Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution.

Details CVE

Score CVSS v3.17.5

SeveriteHIGH

Vecteur CVSSCVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Vecteur d'attaqueLOCAL

ComplexiteHIGH

Privileges requisHIGH

Interaction utilisateurNONE

Publie8/13/2024

Derniere modification3/18/2025

Sourcenvd

Observations honeypot0

Produits affectes

amd:athlon_gold_3150gamd:athlon_gold_3150g_firmwareamd:athlon_gold_3150uamd:athlon_gold_3150u_firmwareamd:athlon_gold_pro_3150gamd:athlon_gold_pro_3150g_firmwareamd:athlon_gold_pro_3150geamd:athlon_gold_pro_3150ge_firmwareamd:athlon_pro_300geamd:athlon_pro_300ge_firmwareamd:athlon_silver_3050uamd:athlon_silver_3050u_firmwareamd:ryzen_3_3200uamd:ryzen_3_3200u_firmwareamd:ryzen_3_3250uamd:ryzen_3_3250u_firmwareamd:ryzen_3_3300uamd:ryzen_3_3300u_firmwareamd:ryzen_5_3500uamd:ryzen_5_3500u_firmwareamd:ryzen_5_3550hamd:ryzen_5_3550h_firmwareamd:ryzen_5_3580uamd:ryzen_5_3580u_firmwareamd:ryzen_7_3700uamd:ryzen_7_3700u_firmwareamd:ryzen_7_3750hamd:ryzen_7_3750h_firmwareamd:ryzen_7_3780uamd:ryzen_7_3780u_firmwareamd:ryzen_7_pro_3700uamd:ryzen_7_pro_3700u_firmware

Faiblesses (CWE)

CWE-787CWE-787

References

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4004.html(psirt@amd.com)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.