Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
smm vulnerabilities and exploits
(subscribe to this query)
7
CVSSv3
CVE-2022-32470
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the FwBlockServiceSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack c...
Insyde Insydeh2o
7
CVSSv3
CVE-2022-32476
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the AhciBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be m...
Insyde Insydeh2o
7
CVSSv3
CVE-2022-32477
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the FvbServicesRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This atta...
Insyde Insydeh2o
7
CVSSv3
CVE-2022-32478
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the IdeBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mi...
Insyde Insydeh2o
7
CVSSv3
CVE-2022-32469
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the PnpSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitig...
Insyde Insydeh2o
7
CVSSv3
CVE-2022-32473
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the HddPassword shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be ...
Insyde Insydeh2o
7
CVSSv3
CVE-2022-32474
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the StorageSecurityCommandDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This ...
Insyde Insydeh2o
9.8
CVSSv3
CVE-2022-23820
Failure to validate the AMD SMM communication buffer may allow an malicious user to corrupt the SMRAM potentially leading to arbitrary code execution.
Amd Ryzen 9 3900 Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 9 3900 Firmware Comboam4 V2 Pi 1.2.0.8
Amd Ryzen 9 3900x Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 9 3900x Firmware Comboam4 V2 Pi 1.2.0.8
Amd Ryzen 9 3900xt Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 9 3900xt Firmware Comboam4 V2 Pi 1.2.0.8
Amd Ryzen 9 3950x Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 9 3950x Firmware Comboam4 V2 Pi 1.2.0.8
Amd Ryzen 7 3700x Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 7 3700x Firmware Comboam4 V2 Pi 1.2.0.8
Amd Ryzen 7 3800x Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 7 3800x Firmware Comboam4 V2 Pi 1.2.0.8
Amd Ryzen 7 3800xt Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 7 3800xt Firmware Comboam4 V2 Pi 1.2.0.8
Amd Ryzen 5 3500 Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 5 3500 Firmware Comboam4 V2 Pi 1.2.0.8
Amd Ryzen 5 3500x Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 5 3500x Firmware Comboam4 V2 Pi 1.2.0.8
Amd Ryzen 5 3600 Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 5 3600 Firmware Comboam4 V2 Pi 1.2.0.8
Amd Ryzen 5 3600x Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 5 3600x Firmware Comboam4 V2 Pi 1.2.0.8
5.3
CVSSv3
CVE-2022-23830
SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.
Amd Epyc 9654p Firmware
Amd Epyc 9654 Firmware
Amd Epyc 9634 Firmware
Amd Epyc 9554p Firmware
Amd Epyc 9554 Firmware
Amd Epyc 9534 Firmware
Amd Epyc 9474f Firmware
Amd Epyc 9454p Firmware
Amd Epyc 9454 Firmware
Amd Epyc 9374f Firmware
Amd Epyc 9354p Firmware
Amd Epyc 9354 Firmware
Amd Epyc 9334 Firmware
Amd Epyc 9274f Firmware
Amd Epyc 9254 Firmware
Amd Epyc 9224 Firmware
Amd Epyc 9174f Firmware
Amd Epyc 9124 Firmware
Amd Epyc 9684x Firmware
Amd Epyc 9384x Firmware
Amd Epyc 9184x Firmware
Amd Epyc 9754 Firmware
9.8
CVSSv3
CVE-2022-23821
Improper access control in System Management Mode (SMM) may allow an malicious user to write to SPI ROM potentially leading to arbitrary code execution.
Amd Ryzen 9 3900 Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 9 3900 Firmware Comboam4 V2 Pi 1.2.0.8
Amd Ryzen 9 3900x Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 9 3900x Firmware Comboam4 V2 Pi 1.2.0.8
Amd Ryzen 9 3900xt Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 9 3900xt Firmware Comboam4 V2 Pi 1.2.0.8
Amd Ryzen 9 3950x Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 9 3950x Firmware Comboam4 V2 Pi 1.2.0.8
Amd Ryzen 7 3700x Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 7 3700x Firmware Comboam4 V2 Pi 1.2.0.8
Amd Ryzen 7 3800x Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 7 3800x Firmware Comboam4 V2 Pi 1.2.0.8
Amd Ryzen 7 3800xt Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 7 3800xt Firmware Comboam4 V2 Pi 1.2.0.8
Amd Ryzen 5 3500 Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 5 3500 Firmware Comboam4 V2 Pi 1.2.0.8
Amd Ryzen 5 3500x Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 5 3500x Firmware Comboam4 V2 Pi 1.2.0.8
Amd Ryzen 5 3600 Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 5 3600 Firmware Comboam4 V2 Pi 1.2.0.8
Amd Ryzen 5 3600x Firmware Comboam4 Pi 1.0.0.9
Amd Ryzen 5 3600x Firmware Comboam4 V2 Pi 1.2.0.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »