Amd ryzen 5000 series mobile processors with radeon graphics cezanne
This hub aggregates every CVE we track for Amd ryzen 5000 series mobile processors with radeon graphics cezanne, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.
11
CVEs tracked
2
Critical
7
High
0
In CISA KEV
Severity distribution
HIGH7MEDIUM2CRITICAL2
Monthly trend
0
0
0
0
0
0
0
6
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 11 most recently published vulnerabilities affecting Amd ryzen 5000 series mobile processors with radeon graphics cezanne.
- CVE-2024-36347Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrit...6.4
- CVE-2023-31345Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.7.5
- CVE-2023-31343Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.7.5
- CVE-2023-31342Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.7.5
- CVE-2023-20515Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability.5.7
- CVE-2024-0179SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow locally authenticated attackers to overwrite SMRAM, potentially resulting in arbitrary code execution.8.2
- CVE-2024-21925Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution.8.2
- CVE-2023-20596Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution. 9.8
- CVE-2022-23821Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution. 9.8
- CVE-2022-23820Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution.7.5
- CVE-2023-20555Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary ...7.8
Product normalization is registry-driven with AI assist and human review. How it works