CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
23.1%
An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially leading to arbitrary code execution.
Vendor | Product | Version | CPE |
---|---|---|---|
amd | ryzen_5_pro_3400g_firmware | - | cpe:2.3:o:amd:ryzen_5_pro_3400g_firmware:-:*:*:*:*:*:*:* |
amd | ryzen_5_pro_3400g | - | cpe:2.3:h:amd:ryzen_5_pro_3400g:-:*:*:*:*:*:*:* |
amd | ryzen_5_3400g_firmware | - | cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:* |
amd | ryzen_5_3400g | - | cpe:2.3:h:amd:ryzen_5_3400g:-:*:*:*:*:*:*:* |
amd | ryzen_5_pro_3400ge_firmware | - | cpe:2.3:o:amd:ryzen_5_pro_3400ge_firmware:-:*:*:*:*:*:*:* |
amd | ryzen_5_pro_3400ge | - | cpe:2.3:h:amd:ryzen_5_pro_3400ge:-:*:*:*:*:*:*:* |
amd | ryzen_5_pro_3350g_firmware | - | cpe:2.3:o:amd:ryzen_5_pro_3350g_firmware:-:*:*:*:*:*:*:* |
amd | ryzen_5_pro_3350g | - | cpe:2.3:h:amd:ryzen_5_pro_3350g:-:*:*:*:*:*:*:* |
amd | ryzen_5_pro_3350ge_firmware | - | cpe:2.3:o:amd:ryzen_5_pro_3350ge_firmware:-:*:*:*:*:*:*:* |
amd | ryzen_5_pro_3350ge | - | cpe:2.3:h:amd:ryzen_5_pro_3350ge:-:*:*:*:*:*:*:* |
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
23.1%