VYPR

CpmDisplayFeatureSmm

by AMD

CVEs (2)

  • CVE-2024-0179HigFeb 11, 2025
    risk 0.53cvss 8.2epss 0.00

    SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow locally authenticated attackers to overwrite SMRAM, potentially resulting in arbitrary code execution.

  • CVE-2023-20555Aug 8, 2023
    risk 0.00cvss epss 0.00

    Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in SMM.