Home
HIGH: 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:NDefault status
affected
AIM-T Manageability Service 5.1.0.1382
unaffected
Default status
affected
AMD Cloud Manageability Service (ACMS) 2.0.0.295
unaffected
Default status
affected
AMD Management Plug-In for SCCM 8.0.0.1411
unaffected
Default status
affected
AMD Management Console (AMC) 12.0.0.1378
unaffected
Default status
affected
AMD Manageability API 8.0.0.346
unaffected
Default status
affected
DASH CLI - Command Line Application 8.0.0.318
unaffected
Description
Unsafe OpenSSL initialization within some AMD optional tools may allow a local user-privileged attacker to inject a malicious DLL, potentially resulting in arbitrary code execution.
Problem types
CWE-427 Uncontrolled Search Path Element
Product status
AIM-T Manageability Service 5.1.0.1382
AMD Cloud Manageability Service (ACMS) 2.0.0.295
AMD Management Plug-In for SCCM 8.0.0.1411
AMD Management Console (AMC) 12.0.0.1378
AMD Manageability API 8.0.0.346
DASH CLI - Command Line Application 8.0.0.318
Credits
Reported through AMD Bug Bounty Program
References
www.amd.com/...es/product-security/bulletin/AMD-SB-9024.html