{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-27677", "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "state": "PUBLISHED", "assignerShortName": "AMD", "dateReserved": "2022-03-23T14:57:22.755Z", "datePublished": "2023-02-14T19:52:28.727Z", "dateUpdated": "2025-03-19T18:52:04.925Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows", "x86"], "product": "Ryzen\u2122 Master", "vendor": " AMD", "versions": [{"lessThan": "2.10.1.2287", "status": "affected", "version": "0", "versionType": "custom"}]}], "datePublic": "2023-02-14T17:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\nFailure to validate privileges during installation of AMD Ryzen\u2122 Master may allow an attacker with low\nprivileges to modify files potentially leading to privilege escalation and code execution by the lower\nprivileged user.\n\n"}], "value": "\nFailure to validate privileges during installation of AMD Ryzen\u2122 Master may allow an attacker with low\nprivileges to modify files potentially leading to privilege escalation and code execution by the lower\nprivileged user.\n\n"}], "providerMetadata": {"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "shortName": "AMD", "dateUpdated": "2023-03-01T05:44:22.188Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1052"}], "source": {"advisory": "\u202f\u202fAMD-SB-1052", "discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T05:32:59.928Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1052"}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-269", "lang": "en", "description": "CWE-269 Improper Privilege Management"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-03-19T18:51:36.291843Z", "id": "CVE-2022-27677", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-19T18:52:04.925Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-27677", "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "state": "PUBLISHED", "assignerShortName": "AMD", "dateReserved": "2022-03-23T14:57:22.755Z", "datePublished": "2023-02-14T19:52:28.727Z", "dateUpdated": "2025-03-19T18:52:04.925Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows", "x86"], "product": "Ryzen\u2122 Master", "vendor": " AMD", "versions": [{"lessThan": "2.10.1.2287", "status": "affected", "version": "0", "versionType": "custom"}]}], "datePublic": "2023-02-14T17:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\nFailure to validate privileges during installation of AMD Ryzen\u2122 Master may allow an attacker with low\nprivileges to modify files potentially leading to privilege escalation and code execution by the lower\nprivileged user.\n\n"}], "value": "\nFailure to validate privileges during installation of AMD Ryzen\u2122 Master may allow an attacker with low\nprivileges to modify files potentially leading to privilege escalation and code execution by the lower\nprivileged user.\n\n"}], "providerMetadata": {"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "shortName": "AMD", "dateUpdated": "2023-03-01T05:44:22.188Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1052"}], "source": {"advisory": "\u202f\u202fAMD-SB-1052", "discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T05:32:59.928Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1052"}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2022-27677", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-03-19T18:51:36.291843Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-19T18:52:00.866Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:amd:ryzen_master:*:*:*:*:*:*:*:*", "matchCriteriaId": "765AC34D-482D-457C-9369-6D4BF397C2F9", "versionEndExcluding": "2.10.1.2287", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "\nFailure to validate privileges during installation of AMD Ryzen\u2122 Master may allow an attacker with low\nprivileges to modify files potentially leading to privilege escalation and code execution by the lower\nprivileged user.\n\n"}], "id": "CVE-2022-27677", "lastModified": "2025-03-19T19:15:37.900", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-03-01T08:15:10.407", "references": [{"source": "psirt@amd.com", "tags": ["Vendor Advisory"], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1052"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1052"}], "sourceIdentifier": "psirt@amd.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-269"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}