CVE-2022-23815

moderate-risk

Published 2024-08-13

Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution.

Do I need to act?

0.08% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

LOCAL / HIGH complexity

Affected Products (16)

Athlon Silver 3050U Firmware

Athlon Gold 3150U Firmware

Ryzen 7 3780U Firmware

Ryzen 7 3750H Firmware

Ryzen 7 Pro 3700U Firmware

Ryzen 7 3700U Firmware

Ryzen 5 3580U Firmware

Ryzen 5 3550H Firmware

Ryzen 5 3500U Firmware

Ryzen 3 3300U Firmware

Ryzen 3 3250U Firmware

Ryzen 3 3200U Firmware

Athlon Gold Pro 3150G Firmware

Athlon Gold 3150G Firmware

Athlon Gold Pro 3150Ge Firmware

Athlon Pro 300Ge Firmware

Affected Vendors

Amd

References (1)

Vendor Advisory https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4004.html

/ 100

moderate-risk

Severity 20/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 18/34 · Moderate