VYPR
Vendor

Ami

Products
8
CVEs
65
Across products
84
Status
Private

Products

8

Recent CVEs

65
View all 65 CVEs →
  • CVE-2025-33044HigOct 14, 2025
    risk 0.51cvss 7.8epss 0.00

    APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Restriction of Operations within the Bounds of a Memory Buffer by local means. Successful exploitation of this vulnerability may lead to memory corruption and impact Integrity and Availability.

  • CVE-2025-22832HigOct 14, 2025
    risk 0.51cvss 7.8epss 0.00

    APTIOV contains a vulnerability in BIOS where an attacker may cause an Out-of-bounds Write by local. Successful exploitation of this vulnerability may lead to data corruption and loss of availability.

  • CVE-2025-22831HigOct 14, 2025
    risk 0.51cvss 7.8epss 0.00

    APTIOV contains a vulnerability in BIOS where an attacker may cause an Out-of-bounds Write by local. Successful exploitation of this vulnerability may lead to data corruption and loss of availability.

  • CVE-2022-29974MedDec 9, 2024
    risk 0.28cvss 4.3epss 0.00

    AMI (aka American Megatrends) NTFS driver 1.0.0 (fixed in late 2021 or early 2022) has a buffer overflow. This driver is, for example, used in certain ASUS devices.

  • CVE-2024-54085KEVMar 11, 2025
    risk 0.15cvss epss 0.61

    AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.

  • CVE-2022-2827Dec 5, 2022
    risk 0.02cvss epss 0.02

    AMI MegaRAC User Enumeration Vulnerability

  • CVE-2025-58770Dec 12, 2025
    risk 0.00cvss epss 0.00

    APTIOV contains a vulnerability in BIOS where a user may cause “Improper Handling of Insufficient Permissions or Privileges” by local access. Successful exploitation of this vulnerability can lead to escalation of authorization and potentially impact Integrity and…

  • CVE-2025-22833Oct 14, 2025
    risk 0.00cvss epss 0.00

    APTIOV contains a vulnerability in BIOS where an attacker may cause a Buffer Copy without Checking Size of Input by local accessing. Successful exploitation of this vulnerability may lead to arbitrary code execution.

  • CVE-2025-33045Sep 9, 2025
    risk 0.00cvss epss 0.00

    APTIOV contains vulnerabilities in the BIOS where a privileged user may cause “Write-what-where Condition” and “Exposure of Sensitive Information to an Unauthorized Actor” through local access. The successful exploitation of these vulnerabilities can lead to information…

  • CVE-2025-22830Aug 12, 2025
    risk 0.00cvss epss 0.00

    APTIOV contains a vulnerability in BIOS where a skilled user may cause “Race Condition” by local access. A successful exploitation of this vulnerability may lead to resource exhaustion and impact Confidentiality, Integrity, and Availability.

  • CVE-2025-22834Aug 12, 2025
    risk 0.00cvss epss 0.00

    AMI APTIOV contains a vulnerability in BIOS where a user may cause “Improper Initialization” by local accessing. Successful exploitation of this vulnerability may leave the resource in an unexpected state and potentially impact confidentiality, integrity, and availability.

  • CVE-2025-33043May 29, 2025
    risk 0.00cvss epss 0.00

    APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Input Validation locally. Successful exploitation of this vulnerability can potentially impact of integrity.

  • CVE-2024-42446May 13, 2025
    risk 0.00cvss epss 0.00

    APTIOV contains a vulnerability in BIOS where an attacker may cause a Time-of-check Time-of-use (TOCTOU) Race Condition by local means. Successful exploitation of this vulnerability may lead to arbitrary code execution.

  • CVE-2024-54084Mar 11, 2025
    risk 0.00cvss epss 0.00

    APTIOV contains a vulnerability in BIOS where an attacker may cause a Time-of-check Time-of-use (TOCTOU) Race Condition by local means. Successful exploitation of this vulnerability may lead to arbitrary code execution.

  • CVE-2024-33659Feb 11, 2025
    risk 0.00cvss epss 0.00

    AMI APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Input Validation by a local attacker. Successful exploitation of these vulnerabilities may lead to overwriting arbitrary memory and execute arbitrary code at SMM level, also impacting…

  • CVE-2024-42444Jan 14, 2025
    risk 0.00cvss epss 0.00

    APTIOV contains a vulnerability in BIOS where an attacker may cause a TOCTOU Race Condition by local means. Successful exploitation of this vulnerability may lead to execution of arbitrary code on the target device.

  • CVE-2024-2315Nov 12, 2024
    risk 0.00cvss epss 0.00

    APTIOV contains a vulnerability in BIOS where may cause Improper Access Control by a local attacker. Successful exploitation of this vulnerability may lead to unexpected SPI flash modifications and BIOS boot kit launches, also impacting the availability.

  • CVE-2024-33658Nov 12, 2024
    risk 0.00cvss epss 0.00

    APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Restriction of Operations within the Bounds of a Memory Buffer by local. Successful exploitation of this vulnerability may lead to privilege escalation and potentially arbitrary code execution, and…

  • CVE-2024-33660Nov 12, 2024
    risk 0.00cvss epss 0.00

    An exploit is possible where an actor with physical access can manipulate SPI flash without being detected.

  • CVE-2024-42442Nov 12, 2024
    risk 0.00cvss epss 0.01

    APTIOV contains a vulnerability in the BIOS where a user or attacker may cause an improper restriction of operations within the bounds of a memory buffer over the network. A successful exploitation of this vulnerability may lead to code execution outside of the intended System…