Vulnerabilities (CVE)

Filtered by vendor Amd Subscribe
Filtered by product Epyc 7203 Firmware
Total 12 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-31346 1 Amd 123 Epyc 7203 Firmware, Epyc 7203p, Epyc 7203p Firmware and 120 more 2024-10-24 N/A 6.0 MEDIUM
Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests.
CVE-2023-31347 1 Amd 123 Epyc 7203 Firmware, Epyc 7203p, Epyc 7203p Firmware and 120 more 2024-10-22 N/A 4.9 MEDIUM
Due to a code bug in Secure_TSC, SEV firmware may allow an attacker with high privileges to cause a guest to observe an incorrect TSC when Secure TSC is enabled potentially resulting in a loss of guest integrity.  
CVE-2023-20578 1 Amd 210 Epyc 7001, Epyc 7001 Firmware, Epyc 7203 and 207 more 2024-10-02 N/A 6.4 MEDIUM
A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell to modify the communications buffer potentially resulting in arbitrary code execution.
CVE-2023-20566 1 Amd 130 Epyc 7203, Epyc 7203 Firmware, Epyc 7203p and 127 more 2024-06-18 N/A 7.5 HIGH
Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.
CVE-2023-20533 1 Amd 170 Epyc 7203, Epyc 7203 Firmware, Epyc 7203p and 167 more 2024-06-18 N/A 7.5 HIGH
Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service.
CVE-2023-20526 1 Amd 146 Epyc 7001, Epyc 7001 Firmware, Epyc 7203 and 143 more 2024-06-18 N/A 4.6 MEDIUM
Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.
CVE-2023-20521 1 Amd 186 Amd 3015ce, Amd 3015ce Firmware, Amd 3015e and 183 more 2024-06-18 N/A 5.7 MEDIUM
TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.
CVE-2022-23830 1 Amd 130 Epyc 7203, Epyc 7203 Firmware, Epyc 7203p and 127 more 2024-06-18 N/A 5.3 MEDIUM
SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.
CVE-2021-46774 1 Amd 274 Epyc 7001, Epyc 7001 Firmware, Epyc 7203 and 271 more 2024-06-18 N/A 7.5 HIGH
Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in denial-of-service.
CVE-2021-26345 1 Amd 180 Epyc 7203, Epyc 7203 Firmware, Epyc 7203p and 177 more 2024-06-18 N/A 4.9 MEDIUM
Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.
CVE-2023-20573 1 Amd 130 Epyc 7203, Epyc 7203 Firmware, Epyc 7203p and 127 more 2024-02-28 N/A 3.2 LOW
A privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests potentially resulting in guests not receiving expected debug information.
CVE-2023-20592 1 Amd 138 Epyc 7001, Epyc 7001 Firmware, Epyc 7203 and 135 more 2024-02-28 N/A 6.5 MEDIUM
Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity.