VYPR

Secure Processor (ASP) Boot Loader

by AMD

CVEs (5)

  • CVE-2025-48515MedFeb 10, 2026
    risk 0.35cvss epss 0.00

    Insufficient parameter sanitization in AMD Secure Processor (ASP) Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code execution.

  • CVE-2025-29949MedFeb 10, 2026
    risk 0.31cvss epss 0.00

    Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service.

  • CVE-2021-46755May 9, 2023
    risk 0.00cvss epss 0.01

    Failure to unmap certain SysHub mappings in error paths of the ASP (AMD Secure Processor) bootloader may allow an attacker with a malicious bootloader to exhaust the SysHub resources resulting in a potential denial of service.

  • CVE-2021-26346Jan 10, 2023
    risk 0.00cvss epss 0.00

    Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service.

  • CVE-2021-26347May 11, 2022
    risk 0.00cvss epss 0.00

    Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service.