Ryzen™ 5000 series mobile processors with radeon™ graphics “cezanne”

This hub aggregates every CVE we track for Ryzen™ 5000 series mobile processors with radeon™ graphics “cezanne”, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Ryzen™ 5000 series mobile processors with radeon™ graphics “cezanne”.

• CVE-2023-20596Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution. 9.8Nov 14, 2023
• CVE-2023-20571A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege escalation. 8.1Nov 14, 2023
• CVE-2023-20563Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access. 7.8Nov 14, 2023
• CVE-2022-23821Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution. 9.8Nov 14, 2023
• CVE-2021-46758Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of ava...6.1Nov 14, 2023
• CVE-2023-20594Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access.4.4Sep 20, 2023
• CVE-2023-20555Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary ...7.8Aug 8, 2023
• CVE-2021-46794Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting i...7.5May 9, 2023
• CVE-2021-46792Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon...5.9May 9, 2023
• CVE-2021-46773Insufficient input validation in ABL may enable a privileged attacker to corrupt ASP memory, potentially resulting in a loss of integrity or code execution. 8.8May 9, 2023
• CVE-2021-46765Insufficient input validation in ASP may allow an attacker with a compromised SMM to induce out-of-bounds memory reads within the ASP, potentially leading to a denial of service. 7.5May 9, 2023
• CVE-2021-46759Improper syscall input validation in AMD TEE (Trusted Execution Environment) may allow an attacker with physical access and control of a Uapp that runs under the bootloader to reveal the contents o...6.1May 9, 2023
• CVE-2021-46756Insufficient validation of inputs in SVC_MAP_USER_STACK in the ASP (AMD Secure Processor) bootloader may allow an attacker with a malicious Uapp or ABL to send malformed or invalid syscall to the b...9.1May 9, 2023
• CVE-2021-46755Failure to unmap certain SysHub mappings in error paths of the ASP (AMD Secure Processor) bootloader may allow an attacker with a malicious bootloader to exhaust the SysHub resources resulting in a...7.5May 9, 2023
• CVE-2021-46754Insufficient input validation in the ASP (AMD Secure Processor) bootloader may allow an attacker with a compromised Uapp or ABL to coerce the bootloader into exposing sensitive information to the S...9.1May 9, 2023