nvd-json-data-feeds/CVE-2021/CVE-2021-263xx/CVE-2021-26387.json

{
  "id": "CVE-2021-26387",
  "sourceIdentifier": "psirt@amd.com",
  "published": "2024-08-13T17:15:17.563",
  "lastModified": "2024-08-13T17:15:17.563",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insufficient access controls in ASP kernel may allow a\nprivileged attacker with access to AMD signing keys and the BIOS menu or UEFI\nshell to map DRAM regions in protected areas,\u00a0potentially leading to a loss of platform integrity."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "psirt@amd.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L",
          "attackVector": "LOCAL",
          "attackComplexity": "HIGH",
          "privilegesRequired": "HIGH",
          "userInteraction": "NONE",
          "scope": "CHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "availabilityImpact": "LOW",
          "baseScore": 3.9,
          "baseSeverity": "LOW"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 2.7
      }
    ]
  },
  "references": [
    {
      "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html",
      "source": "psirt@amd.com"
    },
    {
      "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5002.html",
      "source": "psirt@amd.com"
    }
  ]
}
Auto-Update: 2024-08-13T18:00:17.912966+00:00 2024-08-13 18:03:14 +00:00			`{`
			`"id": "CVE-2021-26387",`
			`"sourceIdentifier": "psirt@amd.com",`
			`"published": "2024-08-13T17:15:17.563",`
			`"lastModified": "2024-08-13T17:15:17.563",`
			`"vulnStatus": "Received",`
			`"cveTags": [],`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "Insufficient access controls in ASP kernel may allow a\nprivileged attacker with access to AMD signing keys and the BIOS menu or UEFI\nshell to map DRAM regions in protected areas,\u00a0potentially leading to a loss of platform integrity."`
			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
			`"source": "psirt@amd.com",`
			`"type": "Secondary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L",`
			`"attackVector": "LOCAL",`
			`"attackComplexity": "HIGH",`
			`"privilegesRequired": "HIGH",`
			`"userInteraction": "NONE",`
			`"scope": "CHANGED",`
			`"confidentialityImpact": "NONE",`
			`"integrityImpact": "LOW",`
			`"availabilityImpact": "LOW",`
			`"baseScore": 3.9,`
			`"baseSeverity": "LOW"`
			`},`
			`"exploitabilityScore": 0.8,`
			`"impactScore": 2.7`
			`}`
			`]`
			`},`
			`"references": [`
			`{`
			`"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html",`
			`"source": "psirt@amd.com"`
			`},`
			`{`
			`"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5002.html",`
			`"source": "psirt@amd.com"`
			`}`
			`]`
			`}`