A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key, potentially resulting in internal debug information leakage.

An insufficient DRAM address validation in PMFW may allow a privileged attacker to read from an invalid DRAM address to SRAM, potentially resulting in data corruption or denial of service.

An insufficient DRAM address validation in PMFW may allow a privileged attacker to perform a DMA read from an invalid DRAM address to SRAM, potentially resulting in loss of data integrity.

Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space, potentially leading to privilege escalation.

Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution.

Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corruption or denial of service.

Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing keys to c006Frrupt the return address, causing a stack-based buffer overrun, potentially leading to a denial of service.

Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity.

A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability.

An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker with access the ability to modify the BIOS image, and the ability to sign the resulting image, to potentially modify the APCB block resulting in arbitrary code execution.