PT-2022-21213 · Ampere · Ampere Altra Max+1
Hugo Magalhaes
·
Published
2022-06-30
·
Updated
2023-08-08
·
CVE-2022-32295
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Ampere Altra and AltraMax devices before SRP 1.09
Description
The Altra reference design of UEFI accesses allows insecure access to SPI-NOR by the OS/hypervisor component.
Recommendations
For Ampere Altra and AltraMax devices before SRP 1.09, update to SRP 1.09 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ampere Altra
Ampere Altra Max