8.2 - CVE-2022-23815

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Informations
Name	CVE-2022-23815	First vendor Publication	2024-08-13
Vendor	Cve	Last vendor Modification	2025-03-18

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Overall CVSS Score	8.2
Base Score	8.2	Environmental Score	8.2
impact SubScore	6	Temporal Score	8.2
Exploitabality Sub Score	1.5

Attack Vector	Local	Attack Complexity	Low
Privileges Required	High	User Interaction	None
Scope	Changed	Confidentiality Impact	High
Integrity Impact	High	Availability Impact	High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score	N/A	Attack Range	N/A
Cvss Impact Score	N/A	Attack Complexity	N/A
Cvss Expoit Score	N/A	Authentication	N/A
Calculate full CVSS 2.0 Vectors scores

Detail

Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23815

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-787	Out-of-bounds Write (CWE/SANS Top 25)

CPE : Common Platform Enumeration

Type	Description	Count
Os	Amd Athlon Gold 3150G Firmware cpe:2.3:o:amd:athlon_gold_3150g_firmware:-:::::::*	1
Os	Amd Athlon Gold 3150U Firmware cpe:2.3:o:amd:athlon_gold_3150u_firmware:::::::: cpe:2.3:o:amd:athlon_gold_3150u_firmware:-:::::::*	2
Os	Amd Athlon Gold Pro 3150G Firmware cpe:2.3:o:amd:athlon_gold_pro_3150g_firmware:-:::::::*	1
Os	Amd Athlon Gold Pro 3150Ge Firmware cpe:2.3:o:amd:athlon_gold_pro_3150ge_firmware:-:::::::*	1
Os	Amd Athlon Pro 300Ge Firmware cpe:2.3:o:amd:athlon_pro_300ge_firmware:-:::::::*	1
Os	Amd Athlon Silver 3050U Firmware cpe:2.3:o:amd:athlon_silver_3050u_firmware:::::::: cpe:2.3:o:amd:athlon_silver_3050u_firmware:-:::::::*	2
Os	Amd Ryzen 3 3200U Firmware cpe:2.3:o:amd:ryzen_3_3200u_firmware:comboam4v2pi_1.2.0.8:::::::* cpe:2.3:o:amd:ryzen_3_3200u_firmware:comboam4pi_1.0.0.9:::::::* cpe:2.3:o:amd:ryzen_3_3200u_firmware:::::::: cpe:2.3:o:amd:ryzen_3_3200u_firmware:-:::::::*	4
Os	Amd Ryzen 3 3250U Firmware cpe:2.3:o:amd:ryzen_3_3250u_firmware:comboam4v2pi_1.2.0.8:::::::* cpe:2.3:o:amd:ryzen_3_3250u_firmware:comboam4pi_1.0.0.9:::::::* cpe:2.3:o:amd:ryzen_3_3250u_firmware:::::::: cpe:2.3:o:amd:ryzen_3_3250u_firmware:-:::::::*	4
Os	Amd Ryzen 3 3300U Firmware cpe:2.3:o:amd:ryzen_3_3300u_firmware:comboam4v2pi_1.2.0.8:::::::* cpe:2.3:o:amd:ryzen_3_3300u_firmware:comboam4pi_1.0.0.9:::::::* cpe:2.3:o:amd:ryzen_3_3300u_firmware:::::::: cpe:2.3:o:amd:ryzen_3_3300u_firmware:-:::::::*	4
Os	Amd Ryzen 5 3500U Firmware cpe:2.3:o:amd:ryzen_5_3500u_firmware:::::::: cpe:2.3:o:amd:ryzen_5_3500u_firmware:-:::::::*	2
Os	Amd Ryzen 5 3550H Firmware cpe:2.3:o:amd:ryzen_5_3550h_firmware:::::::: cpe:2.3:o:amd:ryzen_5_3550h_firmware:-:::::::*	2
Os	Amd Ryzen 5 3580U Firmware cpe:2.3:o:amd:ryzen_5_3580u_firmware:::::::: cpe:2.3:o:amd:ryzen_5_3580u_firmware:-:::::::*	2
Os	Amd Ryzen 7 3700U Firmware cpe:2.3:o:amd:ryzen_7_3700u_firmware:::::::: cpe:2.3:o:amd:ryzen_7_3700u_firmware:-:::::::*	2
Os	Amd Ryzen 7 3750H Firmware cpe:2.3:o:amd:ryzen_7_3750h_firmware:::::::: cpe:2.3:o:amd:ryzen_7_3750h_firmware:-:::::::*	2
Os	Amd Ryzen 7 3780U Firmware cpe:2.3:o:amd:ryzen_7_3780u_firmware:::::::: cpe:2.3:o:amd:ryzen_7_3780u_firmware:-:::::::*	2
Os	Amd Ryzen 7 Pro 3700U Firmware cpe:2.3:o:amd:ryzen_7_pro_3700u_firmware:::::::: cpe:2.3:o:amd:ryzen_7_pro_3700u_firmware:-:::::::*	2

Sources (Detail)

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4004.html

Source	Url

Alert History

If you want to see full details history, please login or register.

Date	Informations
2025-03-19 00:21:44	Multiple Updates
2025-01-03 21:20:35	Multiple Updates
2024-12-13 00:20:41	Multiple Updates
2024-08-14 09:27:28	Multiple Updates
2024-08-13 21:27:25	First insertion

Type	Count
CWE ID(s)	1
CPE ID(s)	34
Sources(s)	1

8.2 - CVE-2022-23815

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

CPE : Common Platform Enumeration

Sources (Detail)

Alert History

Global Informations

Open Standards

COMPANY

STANDARDS

RECENT POSTS

MENU