amd epyc_7f72_firmware 在命令中使用的特殊元素转义处理不恰当(命令注入)
CVE编号
CVE-2020-12946利用情况
暂无补丁情况
N/A披露时间
2021-11-17漏洞描述
Insufficient input validation in PSP firmware for discrete TPM commands could allow a potential loss of integrity and denial of service.解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
参考链接 |
|
|---|---|
| https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027 |
受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7232p_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7252_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7262_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7272_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7282_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_72f3_firmware | * | Up to (excluding) milanpi-sp3_1.0.0.4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7302p_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7302_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7313p_firmware | * | Up to (excluding) milanpi-sp3_1.0.0.4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7313_firmware | * | Up to (excluding) milanpi-sp3_1.0.0.4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7343_firmware | * | Up to (excluding) milanpi-sp3_1.0.0.4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7352_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_73f3_firmware | * | Up to (excluding) milanpi-sp3_1.0.0.4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7402p_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7402_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7413_firmware | * | Up to (excluding) milanpi-sp3_1.0.0.4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7443p_firmware | * | Up to (excluding) milanpi-sp3_1.0.0.4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7443_firmware | * | Up to (excluding) milanpi-sp3_1.0.0.4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7452_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7453_firmware | * | Up to (excluding) milanpi-sp3_1.0.0.4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_74f3_firmware | * | Up to (excluding) milanpi-sp3_1.0.0.4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7502p_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7502_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7513_firmware | * | Up to (excluding) milanpi-sp3_1.0.0.4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7532_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7542_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7543p_firmware | * | Up to (excluding) milanpi-sp3_1.0.0.4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7543_firmware | * | Up to (excluding) milanpi-sp3_1.0.0.4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7552_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_75f3_firmware | * | Up to (excluding) milanpi-sp3_1.0.0.4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7642_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7643_firmware | * | Up to (excluding) milanpi-sp3_1.0.0.4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7662_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7663_firmware | * | Up to (excluding) milanpi-sp3_1.0.0.4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7702p_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7702_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7713p_firmware | * | Up to (excluding) milanpi-sp3_1.0.0.4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7713_firmware | * | Up to (excluding) milanpi-sp3_1.0.0.4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7742_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7763_firmware | * | Up to (excluding) milanpi-sp3_1.0.0.4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7f32_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7f52_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7f72_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 系统 | amd | epyc_7h12_firmware | * | Up to (excluding) romepi-sp3_1.0.0.c | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7232p | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7252 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7262 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7272 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7282 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_72f3 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7302 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7302p | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7313 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7313p | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7343 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7352 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_73f3 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7402 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7402p | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7413 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7443 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7443p | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7452 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7453 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_74f3 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7502 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7502p | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7513 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7532 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7542 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7543 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7543p | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7552 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_75f3 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7642 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7643 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7662 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7663 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7702 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7702p | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7713 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7713p | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7742 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7763 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7f32 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7f52 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7f72 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | amd | epyc_7h12 | - | - | |||||
- 攻击路径 本地
- 攻击复杂度 低
- 权限要求 低
- 影响范围 未更改
- 用户交互 无
- 可用性 高
- 保密性 无
- 完整性 高
| CWE-ID | 漏洞类型 |
| CWE-20 | 输入验证不恰当 |
| CWE-77 | 在命令中使用的特殊元素转义处理不恰当(命令注入) |
Exp相关链接
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论