CVE-2024-56161

HIGH Year: 2024
CVSS v3 Score
7.2
High
Weakness Type
CWE-347
View all →

Vulnerability Description

Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP.

Related Vulnerabilities

CVE-2020-26122

HIGH
CVSS:7.2(High)

Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remote code execution via administrator privileges. The Baseboard Management Controller (BMC) program of INSPUR server is weak in check...

CWE-3472020

CVE-2020-9047

HIGH
CVSS:7.2(High)

A vulnerability exists that could allow the execution of unauthorized code or operating system commands on systems running exacqVision Web Service versions 20.06.3.0 and prior and exacqVision Enterpri...

CWE-3472020

CVE-2021-22708

HIGH
CVSS:7.2(High)

A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all version...

CWE-3472021

CVE-2021-22734

HIGH
CVSS:7.2(High)

Improper Verification of Cryptographic Signature vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause remote code execution when an attacker loads unauthori...

CWE-3472021

CVE-2021-22735

HIGH
CVSS:7.2(High)

Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could allow remote code execution when unauthorized code is copied ...

CWE-3472021

CVE-2021-32977

HIGH
CVSS:7.2(High)

AVEVA System Platform versions 2017 through 2020 R2 P01 does not verify, or incorrectly verifies, the cryptographic signature for data.

CWE-3472021