Every CVE whose affected-product data names Amd Milanpi Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2021-26409 — CVSS 7.8 (high): Insufficient bounds checking in SEV-ES may allow an attacker to corrupt Reverse Map table (RMP) memory, potentially resulting in a loss of…
CVE-2023-20522 — CVSS 7.5 (high): Insufficient input validation in ASP may allow an attacker with a malicious BIOS to potentially cause a denial of service.
CVE-2021-46779 — CVSS 7.1 (high): Insufficient input validation in SVC_ECC_PRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt…
CVE-2021-46767 — CVSS 6.1 (medium): Insufficient input validation in the ASP may allow an attacker with physical access, unauthorized write access to memory potentially…
CVE-2021-46768 — CVSS 5.5 (medium): Insufficient input validation in SEV firmware may allow an attacker to perform out-of-bounds memory reads within the ASP boot loader…
CVE-2021-46791 — CVSS 5.5 (medium): Insufficient input validation during parsing of the System Management Mode (SMM) binary may allow a maliciously crafted SMM executable…
CVE-2023-20519 — CVSS 3.3 (low): A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's…