CVE-2022-23817

HIGH

ASP Secure OS - Privilege Escalation

Title source: llm

Description

Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space, potentially leading to privilege escalation.

References (1)

Core 1

Core References

Vendor Advisory

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4004.html

Scores

CVSS v3 7.0

EPSS 0.0010

EPSS Percentile 26.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-120

Status published

Products (29)

AMD/AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics ComboAM4PI 1.0.0.9

AMD/AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics ComboAM4v2 PI 1.2.0.8

AMD/AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics PicassoPI-FP5 1.0.0.E

AMD/AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics PollockPI-FT5 1.0.0.4

AMD/AMD Ryzen™ 3000 Series Desktop Processors ComboAM4V1 1.0.0.A/ComboAM4V2 1.2.0.9

AMD/AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics PicassoPI-FP5 1.0.0.E

AMD/AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics CezannePI-FP6 1.0.0.C

AMD/AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics ComboAM4v2 PI 1.2.0.8

AMD/AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics RenoirPI-FP6 1.0.0.A

AMD/AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics ComboAM4v2 PI 1.2.0.8

... and 19 more

Published Aug 13, 2024

Tracked Since Feb 18, 2026