CVE-2021-46765

Severity CVSS v4.0:

Pending analysis

Type:

CWE-125 Out-of-bounds Read

Publication date:

09/05/2023

Last modified:

27/01/2025

Description

Insufficient input validation in ASP may allow an attacker with a compromised SMM to induce out-of-bounds memory reads within the ASP, potentially leading to a denial of service.

Impact

Vector 3.x

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS v3.1 Severity and Metrics:

Base Score: 7.50 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): None
Integrity (I): None
Availability (A): High

Base Score 3.x

7.50

Severity 3.x

HIGH

Vulnerable products and versions

CPE	From	Up to
cpe:2.3:o:amd:ryzen_6600h_firmware:rembrandtpi-fp7_1.0.0.5:::::::*
cpe:2.3:h:amd:ryzen_6600h:-:::::::*
cpe:2.3:o:amd:ryzen_6600hs_firmware:rembrandtpi-fp7_1.0.0.5:::::::*
cpe:2.3:h:amd:ryzen_6600hs:-:::::::*
cpe:2.3:o:amd:ryzen_6600u_firmware:rembrandtpi-fp7_1.0.0.5:::::::*
cpe:2.3:h:amd:ryzen_6600u:-:::::::*
cpe:2.3:o:amd:ryzen_6800h_firmware:rembrandtpi-fp7_1.0.0.5:::::::*
cpe:2.3:h:amd:ryzen_6800h:-:::::::*
cpe:2.3:o:amd:ryzen_6800hs_firmware:rembrandtpi-fp7_1.0.0.5:::::::*
cpe:2.3:h:amd:ryzen_6800hs:-:::::::*
cpe:2.3:o:amd:ryzen_6800u_firmware:rembrandtpi-fp7_1.0.0.5:::::::*
cpe:2.3:h:amd:ryzen_6800u:-:::::::*
cpe:2.3:o:amd:ryzen_6900hs_firmware:rembrandtpi-fp7_1.0.0.5:::::::*
cpe:2.3:h:amd:ryzen_6900hs:-:::::::*
cpe:2.3:o:amd:ryzen_6900hx_firmware:rembrandtpi-fp7_1.0.0.5:::::::*

To consult the complete list of CPE names with products and versions, see this page

CPE	From	Up to
cpe:2.3:o:amd:ryzen_6600h_firmware:rembrandtpi-fp7_1.0.0.5:::::::*
cpe:2.3:h:amd:ryzen_6600h:-:::::::*
cpe:2.3:o:amd:ryzen_6600hs_firmware:rembrandtpi-fp7_1.0.0.5:::::::*
cpe:2.3:h:amd:ryzen_6600hs:-:::::::*
cpe:2.3:o:amd:ryzen_6600u_firmware:rembrandtpi-fp7_1.0.0.5:::::::*
cpe:2.3:h:amd:ryzen_6600u:-:::::::*
cpe:2.3:o:amd:ryzen_6800h_firmware:rembrandtpi-fp7_1.0.0.5:::::::*
cpe:2.3:h:amd:ryzen_6800h:-:::::::*
cpe:2.3:o:amd:ryzen_6800hs_firmware:rembrandtpi-fp7_1.0.0.5:::::::*
cpe:2.3:h:amd:ryzen_6800hs:-:::::::*
cpe:2.3:o:amd:ryzen_6800u_firmware:rembrandtpi-fp7_1.0.0.5:::::::*
cpe:2.3:h:amd:ryzen_6800u:-:::::::*
cpe:2.3:o:amd:ryzen_6900hs_firmware:rembrandtpi-fp7_1.0.0.5:::::::*
cpe:2.3:h:amd:ryzen_6900hs:-:::::::*
cpe:2.3:o:amd:ryzen_6900hx_firmware:rembrandtpi-fp7_1.0.0.5:::::::*

CVE-2021-46765

Description

Impact

Vulnerable products and versions

References to Advisories, Solutions, and Tools