PT-2022-3461 · Amd · Amd Secure Processor (Asp) Firmware

Published

2022-05-10

Updated

2022-05-16

CVE-2021-46771

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions AMD Secure Processor (ASP) firmware (affected versions not specified)

Description The issue is related to insufficient validation of addresses in the AMD Secure Processor (ASP) firmware system call, which may lead to arbitrary code execution by a compromised user application. This could allow an attacker to execute arbitrary code in the target system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2022-04239

CVE-2021-46771

Affected Products

Amd Secure Processor (Asp) Firmware

PT-2022-3461 · Amd · Amd Secure Processor (Asp) Firmware

CVE-2021-46771

Weakness Enumeration

Related Identifiers

Affected Products

References · 4