Search

Find a vulnerability

Search criteria

    28 vulnerabilities found for AMD Ryzen™ Embedded V1000 Series Processors by AMD

    CVE-2023-31364 (GCVE-0-2023-31364)

    Vulnerability from nvd – Published: 2026-02-26 20:33 – Updated: 2026-02-27 19:06
    VLAI
    Summary
    Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7001 Series Processors Unaffected: NaplesPI 1.0.0.R
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Processors Unaffected: RomePI 1.0.0.N
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Unaffected: MilanPI 1.0.0.H
    Create a notification for this product.
    AMD AMD EPYC™ 8004 Series Processors Unaffected: GenoaPI 1.0.0.G
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Series Processors Unaffected: GenoaPI 1.0.0.G
    Create a notification for this product.
    AMD AMD EPYC™ 9005 Series Processors Unaffected: TurinPI 1.0.0.7
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Series Processors Unaffected: SnowyOwl_SP4_SP4r2.1.1.0.H
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Unaffected: EmbRomePI-SP3 1.0.0.F
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Unaffected: EmbMilanPI-SP3 v9 1.0.0.C
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 8004 Series Processors Affected: EmbGenoaPI-SP5 1.0.0.B
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9004 Series Processor Affected: EmbGenoaPI-SP5 1.0.0.B
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9005 Series Processors Unaffected: EmbTurinPI-SP5 1.0.0.1
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 8000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-31364",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-27T19:05:49.436981Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-27T19:06:16.269Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7001 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "NaplesPI 1.0.0.R"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RomePI 1.0.0.N"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI 1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI 1.0.0.G"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI 1.0.0.G"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "SnowyOwl_SP4_SP4r2.1.1.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbRomePI-SP3 1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 v9 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processor",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbTurinPI-SP5 1.0.0.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(248, 249, 250);\"\u003eImproper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service.\u003c/span\u003e"
                }
              ],
              "value": "Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-26T20:33:28.086Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7059.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-31364",
        "datePublished": "2026-02-26T20:33:28.086Z",
        "dateReserved": "2023-04-27T15:25:41.429Z",
        "dateUpdated": "2026-02-27T19:06:16.269Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-21970 (GCVE-0-2024-21970)

    Vulnerability from nvd – Published: 2025-09-06 17:20 – Updated: 2025-09-08 14:51
    VLAI
    Summary
    Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a loss of integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-129 - Improper Validation of Array Index
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Ryzen™ Threadripper™ 3000 Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8-1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Unaffected: CastlePeakWSPI-sWRX8 1.0.0.E
    Unaffected: ChagallWSPI-sWRX8-1.0.0.9
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: Picasso-FP5 1.0.1.2
    Create a notification for this product.
    AMD Renoir Cezanne Raven Ridge Raven Ridge 2 Picasso Summit Pinnacle Ridge Matisse Vermeer Unaffected: ComboAM4v2PI_1.2.0.D
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4PI_1.0.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors Unaffected: ComboAM5 1.2.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6_1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7_1.0.0.B
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6_1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics Unaffected: DragonRangeFL1 1.0.0.3d
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7_1.0.0.B
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5 1.2.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6_1.0.1.1
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6_1.0.1.1
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: Picasso-FP5 1.0.1.2
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4PI_1.0.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4PI_1.0.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5 1005
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Unaffected: EmbeddedAM5PI 1.0.0.3
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6_1.0.0.B
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: Embedded-PI_FP7r2 100A
    Create a notification for this product.
    Date Public
    2025-09-06 16:59
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-21970",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-08T14:51:02.904590Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-08T14:51:10.909Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8-1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.E"
                },
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8-1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Picasso-FP5 1.0.1.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Renoir\nCezanne\nRaven Ridge\nRaven Ridge 2\nPicasso\nSummit\nPinnacle Ridge\nMatisse\nVermeer",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI_1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI_1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5 1.2.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6_1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6_1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "DragonRangeFL1 1.0.0.3d"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5 1.2.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6_1.0.1.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6_1.0.1.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Picasso-FP5 1.0.1.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Picasso-FP5 1.0.1.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI_1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI_1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1005"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedAM5PI 1.0.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6_1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Embedded-PI_FP7r2 100A"
                }
              ]
            }
          ],
          "datePublic": "2025-09-06T16:59:17.867Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a loss of integrity.\u003cbr\u003e"
                }
              ],
              "value": "Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a loss of integrity."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-129",
                  "description": "CWE-129  Improper Validation of Array Index",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-06T17:20:19.749Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4012.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2024-21970",
        "datePublished": "2025-09-06T17:20:19.749Z",
        "dateReserved": "2024-01-03T16:43:28.699Z",
        "dateUpdated": "2025-09-08T14:51:10.909Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-21947 (GCVE-0-2024-21947)

    Vulnerability from nvd – Published: 2025-09-06 17:10 – Updated: 2026-02-26 17:49
    VLAI
    Summary
    Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory potentially resulting in arbitrary code execution at the SMM level.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1220 - Insufficient Granularity of Access Control
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Ryzen™ Threadripper™ 3000 Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8-1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6_1.0.1.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Unaffected: CastlePeakWSPI-sWRX8 1.0.0.E
    Unaffected: ChagallWSPI-sWRX8-1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4 1.0.0.B
    Unaffected: ComboAM4v2PI_1.2.0.CA
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: Picasso-FP5 1.0.1.1
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: Picasso-FP5 1.0.1.1
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2PI_1.2.0.CA
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4 1.0.0.B
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors Unaffected: ComboAM5 1.2.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Unaffected: PhoenixPI-FP8-FP7_1.1.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: Renoir-FP6 1.0.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: Rembrandt-FP7 1.0.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5 1.2.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6_1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics Unaffected: DragonRangeFL1 1.0.0.3d
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: Rembrandt-FP7 1.0.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6_1.0.1.0
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4v2PI_1.2.0.CA
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors Unaffected: ComboAM4v2PI_1.2.0.CA
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5 120C
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5_1003
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Unaffected: EmbeddedPI-FP5 120C
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6_1.0.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: Embedded-PI_FP7r2 1009
    Create a notification for this product.
    Date Public
    2025-09-06 16:50
    Credits
    Reported through AMD Bug Bounty Program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-21947",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-09T03:55:22.910224Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:49:10.599Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8-1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6_1.0.1.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.E"
                },
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8-1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4 1.0.0.B"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI_1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Picasso-FP5 1.0.1.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Picasso-FP5 1.0.1.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI_1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5 1.2.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7_1.1.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Renoir-FP6 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Rembrandt-FP7 1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5 1.2.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6_1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "DragonRangeFL1 1.0.0.3d"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Rembrandt-FP7 1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6_1.0.1.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI_1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI_1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 120C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5_1003"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 120C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6_1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Embedded-PI_FP7r2 1009"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Reported through AMD Bug Bounty Program"
            }
          ],
          "datePublic": "2025-09-06T16:50:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory potentially resulting in arbitrary code execution at the SMM level.\u003cbr\u003e"
                }
              ],
              "value": "Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory potentially resulting in arbitrary code execution at the SMM level."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1220",
                  "description": "CWE-1220 Insufficient Granularity of Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-23T21:24:22.687Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4012.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2024-21947",
        "datePublished": "2025-09-06T17:10:47.951Z",
        "dateReserved": "2024-01-03T16:43:21.322Z",
        "dateUpdated": "2026-02-26T17:49:10.599Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2021-46750 (GCVE-0-2021-46750)

    Vulnerability from nvd – Published: 2025-09-06 16:03 – Updated: 2025-09-08 13:45
    VLAI
    Summary
    Failure to validate the address and size in TEE (Trusted Execution Environment) may allow a malicious x86 attacker to send malformed messages to the graphics mailbox resulting in an overlap of a TMR (Trusted Memory Region) that was previously allocated by the ASP bootloader leading to a potential loss of integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7_0.0.8.0 RC1
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7_0.0.8.0 RC1
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5_1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6_1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Unaffected: EmbeddedPI-FP7r2_1000
    Create a notification for this product.
    AMD AMD Radeon™ RX 6000 Series Graphics Products Unaffected: AMD Software: Adrenalin Edition 23.12.1 (23.30.13.01)
    Create a notification for this product.
    AMD AMD Radeon™ PRO W6000 Series Graphics Products Unaffected: AMD Software: PRO Edition 23.Q4 (23.30.13.03)
    Create a notification for this product.
    AMD AMD Radeon™ PRO V620 Graphics Products Unaffected: Contact your AMD Customer Engineering representative
    Create a notification for this product.
    Date Public
    2025-09-06 15:42
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-46750",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-08T13:44:54.633621Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-08T13:45:05.234Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_0.0.8.0 RC1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_0.0.8.0 RC1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5_1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6_1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2_1000"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: Adrenalin Edition 23.12.1 (23.30.13.01)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 23.Q4 (23.30.13.03)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO V620 Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Contact your AMD Customer Engineering representative"
                }
              ]
            }
          ],
          "datePublic": "2025-09-06T15:42:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Failure to validate the address and size in TEE (Trusted Execution Environment) may allow a malicious x86 attacker to send malformed messages to the graphics mailbox resulting in an overlap of a TMR (Trusted Memory Region) that was previously allocated by the ASP bootloader leading to a potential loss of integrity.\u003cbr\u003e"
                }
              ],
              "value": "Failure to validate the address and size in TEE (Trusted Execution Environment) may allow a malicious x86 attacker to send malformed messages to the graphics mailbox resulting in an overlap of a TMR (Trusted Memory Region) that was previously allocated by the ASP bootloader leading to a potential loss of integrity."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190  Integer Overflow or Wraparound",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-06T16:03:55.584Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4012.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6018.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-46750",
        "datePublished": "2025-09-06T16:03:55.584Z",
        "dateReserved": "2022-03-31T16:50:27.866Z",
        "dateUpdated": "2025-09-08T13:45:05.234Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-26377 (GCVE-0-2021-26377)

    Vulnerability from nvd – Published: 2025-09-06 15:18 – Updated: 2025-09-08 13:47
    VLAI
    Summary
    Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer overflow, leading to a potential denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: CastlePeakWSPI-sWRX8 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Unaffected: PollockPI-FT5 1.0.0.4
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4PI 1.0.0.9/ ComboAM4 V2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4 V2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7_0.0.8.0 RC1
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5_1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6_1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2_1000
    Create a notification for this product.
    AMD AMD Radeon™ RX 5000 Series Graphics Products Unaffected: AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)
    Unaffected: AMD Software: PRO Edition 24.Q2 (24.10.20)
    Create a notification for this product.
    AMD AMD Radeon™ PRO W5000 Series Graphics Products Unaffected: AMD Software: PRO Edition 24.Q2 (24.10.20)
    Create a notification for this product.
    AMD AMD Radeon™ RX 6000 Series Graphics Products Unaffected: AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)
    Unaffected: AMD Software: PRO Edition 24.Q2 (24.10.20)
    Create a notification for this product.
    AMD AMD Radeon™ PRO W6000 Series Graphics Products Unaffected: AMD Software: PRO Edition 24.Q2 (24.10.20)
    Create a notification for this product.
    AMD AMD Radeon™ Instinct™ MI25 Graphics Products Unaffected: Contact your AMD Customer Engineering representative
    Create a notification for this product.
    AMD AMD Radeon™ PRO V520 Graphics Products Unaffected: Contact your AMD Customer Engineering representative
    Create a notification for this product.
    AMD AMD Radeon™ PRO V620 Graphics Products Unaffected: Contact your AMD Customer Engineering representative
    Create a notification for this product.
    Date Public
    2025-09-06 14:57
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-26377",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-08T13:46:56.766235Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-08T13:47:10.991Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.0.E"
                },
                {
                  "status": "unaffected",
                  "version": "PollockPI-FT5 1.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.9/ ComboAM4 V2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4 V2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_0.0.8.0 RC1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5_1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6_1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2_1000"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
                },
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
                },
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 Instinct\u2122 MI25 Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Contact your AMD Customer Engineering representative"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO V520 Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Contact your AMD Customer Engineering representative"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO V620 Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Contact your AMD Customer Engineering representative"
                }
              ]
            }
          ],
          "datePublic": "2025-09-06T14:57:52.467Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer overflow, leading to a potential denial of service.\r\n\u003cbr\u003e"
                }
              ],
              "value": "Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer overflow, leading to a potential denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 4.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190  Integer Overflow or Wraparound",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-06T15:18:56.502Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4012.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6018.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-26377",
        "datePublished": "2025-09-06T15:18:56.502Z",
        "dateReserved": "2021-01-29T21:24:26.157Z",
        "dateUpdated": "2025-09-08T13:47:10.991Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20599 (GCVE-0-2023-20599)

    Vulnerability from nvd – Published: 2025-06-10 16:15 – Updated: 2026-02-26 17:51
    VLAI
    Summary
    Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto Co-Processor (CCP) registers from x86 resulting in potential loss of control of cryptographic key pointer/index leading to loss of integrity or confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1262 - Register Interface Allows Software Access to Sensitive Data or Security Settings
    Assigner
    AMD
    Date Public
    2025-11-21 20:45
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20599",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-11T04:01:37.861337Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:51:02.287Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RomePI 100H SEV 0.24.19 [hex 00.18.13]"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3_1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.C"
                },
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5_1.0.1.2c"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbRomePI-SP3 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1211"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1211"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1006"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1211 RC1"
                }
              ]
            }
          ],
          "datePublic": "2025-11-21T20:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP\u2019s Crypto Co-Processor (CCP) registers from x86 resulting in potential loss of control of cryptographic key pointer/index leading to loss of integrity or confidentiality.\u003cbr\u003e"
                }
              ],
              "value": "Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP\u2019s Crypto Co-Processor (CCP) registers from x86 resulting in potential loss of control of cryptographic key pointer/index leading to loss of integrity or confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 7.9,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1262",
                  "description": "CWE-1262  Register Interface Allows Software Access to Sensitive Data or Security Settings",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-23T16:43:00.282Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-7039.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20599",
        "datePublished": "2025-06-10T16:15:03.641Z",
        "dateReserved": "2022-10-27T18:53:39.763Z",
        "dateUpdated": "2026-02-26T17:51:02.287Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-21981 (GCVE-0-2024-21981)

    Vulnerability from nvd – Published: 2024-08-13 16:54 – Updated: 2024-08-15 18:09
    VLAI
    Summary
    Improper key usage control in AMD Secure Processor (ASP) may allow an attacker with local access who has gained arbitrary code execution privilege in ASP to extract ASP cryptographic keys, potentially resulting in loss of confidentiality and integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-639 - Authorization Bypass Through User-Controlled Key
    Assigner
    AMD
    References
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7001 Series Processors Affected: various (PI)
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX Processors Affected: various
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Affected: various
    Create a notification for this product.
    amd athlon Affected: 0 , < * (custom)
        cpe:2.3:h:amd:athlon:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen Affected: 0 , < * (custom)
        cpe:2.3:h:amd:ryzen:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd epyc Affected: 0 , < * (custom)
        cpe:2.3:h:amd:epyc:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:amd:athlon:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "athlon",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:epyc:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "epyc",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-21981",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-15T17:56:59.454756Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-639",
                    "description": "CWE-639 Authorization Bypass Through User-Controlled Key",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-15T18:09:24.358Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "packageName": "PI",
              "product": "AMD EPYC\u2122 7001 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper key usage control in AMD Secure Processor\n(ASP) may allow an attacker with local access \u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003ewho has gained arbitrary code\nexecution privilege in ASP\u0026nbsp;\u003c/a\u003eto\nextract ASP cryptographic keys, potentially resulting in loss of\nconfidentiality and integrity.\n\n\u003cdiv\u003e\n\n\n\n\n\n\u003cdiv\u003e\n\n\u003cdiv\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\n\n\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "Improper key usage control in AMD Secure Processor\n(ASP) may allow an attacker with local access who has gained arbitrary code\nexecution privilege in ASP\u00a0to\nextract ASP cryptographic keys, potentially resulting in loss of\nconfidentiality and integrity."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:54:58.122Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2024-21981",
        "datePublished": "2024-08-13T16:54:58.122Z",
        "dateReserved": "2024-01-03T16:43:30.197Z",
        "dateUpdated": "2024-08-15T18:09:24.358Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20518 (GCVE-0-2023-20518)

    Vulnerability from nvd – Published: 2024-08-13 16:52 – Updated: 2024-11-05 17:10
    VLAI
    Summary
    Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 9004 Series Processors Unaffected: GenoaPI 1.0.0.4 (PI)
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4V1 1.0.0.A
    Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5 1.0.0.6
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4V2 1.2.0.A
    Unaffected: ComboAM4V1 1.0.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.6
    Unaffected: CastlePeakWSPI-sWRX8 1.0.0.B
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.6
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.F
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PollockPI-FT5 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.4
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.3
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Unaffected: EmbeddedAM5PI 1.0.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2 1.0.0.5
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20518",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-15T14:20:09.090291Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-459",
                    "description": "CWE-459 Incomplete Cleanup",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-05T17:10:30.170Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI 1.0.0.4",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V1 1.0.0.A"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4V1 1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3  1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8  1.0.0.6"
                },
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8  1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5  1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PollockPI-FT5   1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5  1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6  1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6 1.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5  1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedAM5PI  1.0.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2 1.0.0.5"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 1.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:52:55.976Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5002.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20518",
        "datePublished": "2024-08-13T16:52:55.976Z",
        "dateReserved": "2022-10-27T18:53:39.736Z",
        "dateUpdated": "2024-11-05T17:10:30.170Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-23817 (GCVE-0-2022-23817)

    Vulnerability from nvd – Published: 2024-08-13 16:51 – Updated: 2026-05-15 03:03
    VLAI
    Summary
    Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.5
    Unaffected: CastlePeakWSPI-sWRX8 1.0.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4v2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4V1 1.0.0.A
    Unaffected: ComboAM4V2 1.2.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 2000 Mobile Processors Unaffected: ComboAM4v2 PI 1.2.0.8
    Unaffected: ComboAM4PI 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors Unaffected: ComboAM4v2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7_1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge") Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Picasso") Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processor Unaffected: EmbeddedPI-FP6_1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2_1002
    Create a notification for this product.
    AMD AMD Radeon™ RX 5000 Series Graphics Products Unaffected: AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)
    Create a notification for this product.
    AMD AMD Radeon™ PRO W5000 Series Graphics Products Unaffected: AMD Software: PRO Edition 22.Q2 (22.10.20)
    Create a notification for this product.
    AMD AMD Radeon™ RX 6000 Series Graphics Products Unaffected: AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)
    Create a notification for this product.
    AMD AMD Radeon™ PRO W6000 Series Graphics Products Unaffected: AMD Software: PRO Edition 22.Q2 (22.10.20)
    Create a notification for this product.
    AMD MI-25 / 50 Unaffected: No fix planned
    Create a notification for this product.
    AMD MI-100 Unaffected: ROCm 6.4.2
    Create a notification for this product.
    AMD AMD Instinct™ MI250 Unaffected: ROCm 7.0
    Create a notification for this product.
    AMD AMD Instinct™ MI210 Unaffected: ROCm 7.0
    Create a notification for this product.
    amd ryzen_3_3300x_firmware Unaffected: 0 , < comboam4v2_1.2.0.a (custom)
        cpe:2.3:o:amd:ryzen_9_3900_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_3900x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_3900xt_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_3950x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3700x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3800x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3800xt_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3500_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3500x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3600_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3600x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3600xt_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3100_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3300x_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_3300u_firmware Unaffected: 0 , < picassopi-fp5_1.0.0.e (custom)
        cpe:2.3:o:amd:ryzen_7_3700c_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3700u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3750h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3780u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3450u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3500c_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3500u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3550h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3580u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3350u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3300u_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_pro_3200g_firmware Unaffected: 0 , < comboam4v2_pi_1.2.0.8 (custom)
        cpe:2.3:o:amd:ryzen_7_4700g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4700ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4600ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4600g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_4300ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_4300g_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_5_7500f_firmware Unaffected: 0 , < comboam5_1.0.8.0 (custom)
        cpe:2.3:o:amd:ryzen_5_7500f_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_threadripper_pro_3995wx_firmware Unaffected: 0 , < castlepeakpi-sp3r3_1.0.0.8 (custom)
        cpe:2.3:o:amd:ryzen_threadripper_3960x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_3970x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_3990x_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_threadripper_pro_3995wx_firmware Unaffected: 0 , < castlepeakwspi-swrx8_1.0.0.a (custom)
        cpe:2.3:o:amd:ryzen_threadripper_pro_3945wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_3955wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_3975wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_3995wx_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_threadripper_pro_5995wx_firmware Unaffected: 0 , < chagallwspi-swrx8_1.0.0.5 (custom)
        cpe:2.3:o:amd:ryzen_threadripper_pro_5945wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_5955wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_5965wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_5975wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_5995wx_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_4300u_firmware Unaffected: 0 , < renoirpi-fp6_1.0.0.a (custom)
        cpe:2.3:o:amd:ryzen_9_4900h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_4900hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4700u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4800h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4800hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4800u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4980u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4500u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4600h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4600hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4600u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4680u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_4300u_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_5_6600u_firmware Unaffected: 0 , < rembrandtpi-fp7_1.0.0.5 (custom)
        cpe:2.3:o:amd:ryzen_9_6900hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_6900hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_6980hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_6980hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_6800h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_6800hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_6800u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_6600h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_6600hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_6600u_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_7335u_firmware Unaffected: 0 , < rembrandtpi-fp7_1.0.0.5 (custom)
        cpe:2.3:o:amd:ryzen_7_7735hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_7735u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_7736u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_7535hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_7535u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_7335u_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_7_7745hx_firmware Unaffected: 0 , < dragonrangefl1pi_1.0.0.3b (custom)
        cpe:2.3:o:amd:ryzen_9_7945hx3d_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_7945hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_7845hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_7745hx_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_5_5600x_firmware Unaffected: 0 , < comboam4v2_pi_1.2.0.8 (custom)
        cpe:2.3:o:amd:ryzen_9_5900_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_5900x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_5950x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5700_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5700x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800x3d_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5500_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600x3d_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600x_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_5300g_firmware Unaffected: 0 , < cezannepi-fp6_1.0.0.c (custom)
        cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_pro_3350ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_pro_3350g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_pro_3400ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_pro_3400g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3200g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_pro_3200ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_pro_3200g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5700ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5700g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5500gt_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600gt_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5300ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_5300g_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_5425c_firmware Unaffected: 0 , < cezannepi-fp6_1.0.0.c (custom)
        cpe:2.3:o:amd:ryzen_9_5900hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_5900hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_5980hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_5980hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5825u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5500h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5560u_firmware:cezannepi-fp6_1.0.0.9:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5625u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_5125c_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_5400u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_5425c_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd athlon_pro_300ge_firmware Unaffected: 0 , < picassopi-fp5_1.0.0.e (custom)
        cpe:2.3:o:amd:athlon_3000g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:athlon_gold_3150ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:athlon_gold_pro_3150ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:athlon_gold_pro_3150g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:athlon_pro_300ge_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2026-05-15 03:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_3900_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_3900x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_3900xt_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_3950x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3700x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3800x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3800xt_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3500_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3500x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3600_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3600x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3600xt_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3100_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3300x_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_3300x_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "comboam4v2_1.2.0.a",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_7_3700c_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3700u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3750h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3780u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3450u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3500c_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3500u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3550h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3580u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3350u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3300u_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_3300u_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "picassopi-fp5_1.0.0.e",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_7_4700g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4700ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4600ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4600g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_4300ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_4300g_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_pro_3200g_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "comboam4v2_pi_1.2.0.8",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_5_7500f_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_5_7500f_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "comboam5_1.0.8.0",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_threadripper_3960x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_3970x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_3990x_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_threadripper_pro_3995wx_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "castlepeakpi-sp3r3_1.0.0.8",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_3945wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_3955wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_3975wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_3995wx_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_threadripper_pro_3995wx_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "castlepeakwspi-swrx8_1.0.0.a",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_5945wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_5955wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_5965wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_5975wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_5995wx_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_threadripper_pro_5995wx_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "chagallwspi-swrx8_1.0.0.5",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_4900h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_4900hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4700u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4800h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4800hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4800u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4980u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4500u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4600h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4600hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4600u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4680u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_4300u_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_4300u_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "renoirpi-fp6_1.0.0.a",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_6900hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_6900hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_6980hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_6980hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_6800h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_6800hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_6800u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_6600h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_6600hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_6600u_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_5_6600u_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "rembrandtpi-fp7_1.0.0.5",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_7_7735hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_7735u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_7736u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_7535hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_7535u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_7335u_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_7335u_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "rembrandtpi-fp7_1.0.0.5",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_7945hx3d_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_7945hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_7845hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_7745hx_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_7_7745hx_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "dragonrangefl1pi_1.0.0.3b",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_5900_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_5900x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_5950x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5700_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5700x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800x3d_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5500_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600x3d_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600x_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_5_5600x_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "comboam4v2_pi_1.2.0.8",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_pro_3350ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_pro_3350g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_pro_3400ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_pro_3400g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3200g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_pro_3200ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_pro_3200g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5700ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5700g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5500gt_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600gt_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5300ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_5300g_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_5300g_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "cezannepi-fp6_1.0.0.c",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_5900hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_5900hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_5980hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_5980hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5825u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5500h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5560u_firmware:cezannepi-fp6_1.0.0.9:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5625u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_5125c_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_5400u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_5425c_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_5425c_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "cezannepi-fp6_1.0.0.c",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:athlon_3000g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:athlon_gold_3150ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:athlon_gold_pro_3150ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:athlon_gold_pro_3150g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:athlon_pro_300ge_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "athlon_pro_300ge_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "picassopi-fp5_1.0.0.e",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-23817",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-13T17:51:43.434721Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-16T20:27:19.545Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.5"
                },
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V1 1.0.0.A"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 2000 Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Picasso\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processor",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6_1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2_1002"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 22.Q2 (22.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 22.Q2 (22.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "MI-25 / 50",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "No fix planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "MI-100",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ROCm 6.4.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Instinct\u2122 MI250",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ROCm 7.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Instinct\u2122 MI210",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ROCm 7.0"
                }
              ]
            }
          ],
          "datePublic": "2026-05-15T03:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation.\u003cbr\u003e"
                }
              ],
              "value": "Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20  Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T03:03:25.036Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5002.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4004.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-1029.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6027.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2022-23817",
        "datePublished": "2024-08-13T16:51:45.468Z",
        "dateReserved": "2022-01-21T17:14:12.302Z",
        "dateUpdated": "2026-05-15T03:03:25.036Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2021-46772 (GCVE-0-2021-46772)

    Vulnerability from nvd – Published: 2024-08-13 16:50 – Updated: 2024-11-05 21:18
    VLAI
    Summary
    Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corruption or denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7002 Series Processors Unaffected: RomePI 1.0.0.E (PI)
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Unaffected: MilanPI 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Affected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.6
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.3
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Unaffected: EmbRomePI-SP3 1.0.0.8
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Unaffected: EmbMilanPI-SP3 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2 1.0.0.4
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-46772",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-15T14:19:27.997821Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              },
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-05T21:18:50.631Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RomePI 1.0.0.E",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6 1.0.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbRomePI-SP3  1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3  1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2 1.0.0.4"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInsufficient input validation in the ABL may allow a privileged\nattacker with access to the BIOS menu or UEFI shell to tamper with the\nstructure headers in SPI ROM causing an out of bounds memory read and write,\npotentially resulting in memory corruption or denial of service.\n\n\n\n\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "Insufficient input validation in the ABL may allow a privileged\nattacker with access to the BIOS menu or UEFI shell to tamper with the\nstructure headers in SPI ROM causing an out of bounds memory read and write,\npotentially resulting in memory corruption or denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 3.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:50:54.016Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4004.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5002.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-46772",
        "datePublished": "2024-08-13T16:50:54.016Z",
        "dateReserved": "2022-03-31T16:50:27.872Z",
        "dateUpdated": "2024-11-05T21:18:50.631Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-46746 (GCVE-0-2021-46746)

    Vulnerability from nvd – Published: 2024-08-13 16:50 – Updated: 2024-10-31 13:57
    VLAI
    Summary
    Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing keys to c006Frrupt the return address, causing a stack-based buffer overrun, potentially leading to a denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    AMD
    References
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7001 Processors Affected: various (PI)
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4PI 1.0.0.9
    Unaffected: ComboAM4 V2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4V2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Affected: ComboAM5 1.0.8.0
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4PI 1.0.0.9
    Unaffected: ComboAM4v2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.2
    Unaffected: CastlePeakWSPI-sWRX8 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.2
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: PollockPI-FT5 1.0.0.4
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors Unaffected: DragonRangeFL1PI 1.0.0.3b
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Unaffected: EmbeddedAM5PI 1.0.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6 1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2 1.0.0.2
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-46746",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-14T16:06:22.367564Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-31T13:57:25.237Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7001 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.9"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4 V2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "ComboAM5 1.0.8.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.9"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3  1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.2"
                },
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "PollockPI-FT5  1.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "DragonRangeFL1PI 1.0.0.3b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5  1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI  1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedAM5PI  1.0.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2 1.0.0.2"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eLack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (\u003ca target=\"_blank\" rel=\"nofollow\"\u003eTEE\u003c/a\u003e) may allow a privileged attacker with access to AMD signing\nkeys to c006Frrupt the return address, causing a\nstack-based buffer overrun, \u003ca target=\"_blank\" rel=\"nofollow\"\u003epotentially\u003c/a\u003e\u0026nbsp;leading to a denial of service.\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing\nkeys to c006Frrupt the return address, causing a\nstack-based buffer overrun, potentially\u00a0leading to a denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:50:51.023Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-46746",
        "datePublished": "2024-08-13T16:50:51.023Z",
        "dateReserved": "2022-03-31T16:50:27.864Z",
        "dateUpdated": "2024-10-31T13:57:25.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-26387 (GCVE-0-2021-26387)

    Vulnerability from nvd – Published: 2024-08-13 16:50 – Updated: 2024-10-30 17:59
    VLAI
    Summary
    Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7001 Series Processors Affected: various (PI)
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4PI 1.0.0.9
    Unaffected: ComboAM4 V2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4 V2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2 PI 1.2.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5 1.0.8.0
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4PI 1.0.0.9
    Unaffected: ComboAM4v2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.2
    Unaffected: CastlePeakWSPI-sWRX8 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.2
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PollockPI-FT5 1.0.0.4
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.9b
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.9b
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.9
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6 1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2 1.0.0.9
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-26387",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-14T15:47:34.441746Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-863",
                    "description": "CWE-863 Incorrect Authorization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-30T17:59:30.394Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "packageName": "PI",
              "product": "AMD EPYC\u2122 7001 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.9"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4 V2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4 V2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5 1.0.8.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.9"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3  1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.2"
                },
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PollockPI-FT5  1.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6  1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6  1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.9b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.9b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI  1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2 1.0.0.9"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInsufficient access controls in ASP kernel may allow a\nprivileged attacker with access to AMD signing keys and the BIOS menu or UEFI\nshell to map DRAM regions in protected \u003ca target=\"_blank\" rel=\"nofollow\"\u003eareas,\u003c/a\u003e\u0026nbsp;potentially leading to a loss of platform integrity.\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "Insufficient access controls in ASP kernel may allow a\nprivileged attacker with access to AMD signing keys and the BIOS menu or UEFI\nshell to map DRAM regions in protected areas,\u00a0potentially leading to a loss of platform integrity."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 3.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:50:22.151Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5002.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-26387",
        "datePublished": "2024-08-13T16:50:22.151Z",
        "dateReserved": "2021-01-29T21:24:26.161Z",
        "dateUpdated": "2024-10-30T17:59:30.394Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-26367 (GCVE-0-2021-26367)

    Vulnerability from nvd – Published: 2024-08-13 16:50 – Updated: 2024-12-04 16:25
    VLAI
    Summary
    A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4PI 1.0.0.9
    Unaffected: ComboAM4v2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PollockPI-FT5 1.0.0.4
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.6
    Create a notification for this product.
    AMD AMD Radeon™ RX 6000 Series Graphics Cards Unaffected: AMD Software: Adrenalin Edition 23.12.1 (23.30.13.01)
    Create a notification for this product.
    AMD AMD Radeon™ PRO W6000 Series Graphics Cards Unaffected: AMD Software: PRO Edition 23.Q4 (23.30.13.03)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6 1.0.0.6
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-26367",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-13T18:04:31.680686Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-04T16:25:09.987Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI  1.0.0.9"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PollockPI-FT5  1.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6  1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 RX 6000 Series Graphics Cards",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software:  Adrenalin Edition 23.12.1 (23.30.13.01)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Cards",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software:  PRO Edition 23.Q4 (23.30.13.03)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6 1.0.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability."
                }
              ],
              "value": "A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:50:05.825Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4004.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-26367",
        "datePublished": "2024-08-13T16:50:05.825Z",
        "dateReserved": "2021-01-29T21:24:26.151Z",
        "dateUpdated": "2024-12-04T16:25:09.987Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-26344 (GCVE-0-2021-26344)

    Vulnerability from nvd – Published: 2024-08-13 16:49 – Updated: 2025-03-18 15:35
    VLAI
    Summary
    An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker with access the ability to modify the BIOS image, and the ability to sign the resulting image, to potentially modify the APCB block resulting in arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    AMD
    References
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7001 Series Processors Affected: various (PI)
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Processors Unaffected: RomePI 1.0.0.C
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Unaffected: MilanPI 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.6
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.3
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Unaffected: EmbRomePI-SP3 1.0.0.6
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Series Processors Affected: Various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Unaffected: EmbMilanPI-SP3 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Affected: v
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Affected: v
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Affected: v
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Affected: v
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Affected: v
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2 1.0.0.4
    Create a notification for this product.
    amd naplespi Affected: 0 , < 1.0.0.k (custom)
        cpe:2.3:h:amd:naplespi:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd romepi Affected: 0 , < 1.0.0.C (custom)
        cpe:2.3:h:amd:romepi:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd milanpi Affected: 0 , < 1.0.0.5 (custom)
        cpe:2.3:h:amd:milanpi:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:amd:naplespi:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "naplespi",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "1.0.0.k",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:romepi:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "romepi",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "1.0.0.C",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:milanpi:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "milanpi",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "1.0.0.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-26344",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-13T18:29:11.333464Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-18T15:35:45.232Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7001 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RomePI 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8  1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6 1.0.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbRomePI-SP3  1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "Various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3  1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "v"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "v"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "v"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "v"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "v"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2 1.0.0.4"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn out of bounds memory write when processing the AMD\nPSP1 Configuration Block (APCB) could allow an attacker with access the ability\nto modify the BIOS image, and the ability to sign the resulting image, to\npotentially modify the APCB block resulting in arbitrary code execution.\n\n\n\n\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "An out of bounds memory write when processing the AMD\nPSP1 Configuration Block (APCB) could allow an attacker with access the ability\nto modify the BIOS image, and the ability to sign the resulting image, to\npotentially modify the APCB block resulting in arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:49:52.889Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-26344",
        "datePublished": "2024-08-13T16:49:52.889Z",
        "dateReserved": "2021-01-29T21:24:26.145Z",
        "dateUpdated": "2025-03-18T15:35:45.232Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-31364 (GCVE-0-2023-31364)

    Vulnerability from cvelistv5 – Published: 2026-02-26 20:33 – Updated: 2026-02-27 19:06
    VLAI
    Summary
    Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7001 Series Processors Unaffected: NaplesPI 1.0.0.R
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Processors Unaffected: RomePI 1.0.0.N
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Unaffected: MilanPI 1.0.0.H
    Create a notification for this product.
    AMD AMD EPYC™ 8004 Series Processors Unaffected: GenoaPI 1.0.0.G
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Series Processors Unaffected: GenoaPI 1.0.0.G
    Create a notification for this product.
    AMD AMD EPYC™ 9005 Series Processors Unaffected: TurinPI 1.0.0.7
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Series Processors Unaffected: SnowyOwl_SP4_SP4r2.1.1.0.H
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Unaffected: EmbRomePI-SP3 1.0.0.F
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Unaffected: EmbMilanPI-SP3 v9 1.0.0.C
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 8004 Series Processors Affected: EmbGenoaPI-SP5 1.0.0.B
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9004 Series Processor Affected: EmbGenoaPI-SP5 1.0.0.B
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9005 Series Processors Unaffected: EmbTurinPI-SP5 1.0.0.1
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 8000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Affected: No Fix Planned
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-31364",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-27T19:05:49.436981Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-27T19:06:16.269Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7001 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "NaplesPI 1.0.0.R"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RomePI 1.0.0.N"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI 1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI 1.0.0.G"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI 1.0.0.G"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "SnowyOwl_SP4_SP4r2.1.1.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbRomePI-SP3 1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 v9 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processor",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "EmbGenoaPI-SP5 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbTurinPI-SP5 1.0.0.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(248, 249, 250);\"\u003eImproper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service.\u003c/span\u003e"
                }
              ],
              "value": "Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-26T20:33:28.086Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7059.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-31364",
        "datePublished": "2026-02-26T20:33:28.086Z",
        "dateReserved": "2023-04-27T15:25:41.429Z",
        "dateUpdated": "2026-02-27T19:06:16.269Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-21970 (GCVE-0-2024-21970)

    Vulnerability from cvelistv5 – Published: 2025-09-06 17:20 – Updated: 2025-09-08 14:51
    VLAI
    Summary
    Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a loss of integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-129 - Improper Validation of Array Index
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Ryzen™ Threadripper™ 3000 Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8-1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Unaffected: CastlePeakWSPI-sWRX8 1.0.0.E
    Unaffected: ChagallWSPI-sWRX8-1.0.0.9
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: Picasso-FP5 1.0.1.2
    Create a notification for this product.
    AMD Renoir Cezanne Raven Ridge Raven Ridge 2 Picasso Summit Pinnacle Ridge Matisse Vermeer Unaffected: ComboAM4v2PI_1.2.0.D
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4PI_1.0.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors Unaffected: ComboAM5 1.2.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6_1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7_1.0.0.B
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6_1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics Unaffected: DragonRangeFL1 1.0.0.3d
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7_1.0.0.B
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5 1.2.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6_1.0.1.1
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6_1.0.1.1
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: Picasso-FP5 1.0.1.2
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4PI_1.0.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4PI_1.0.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5 1005
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Unaffected: EmbeddedAM5PI 1.0.0.3
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6_1.0.0.B
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: Embedded-PI_FP7r2 100A
    Create a notification for this product.
    Date Public
    2025-09-06 16:59
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-21970",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-08T14:51:02.904590Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-08T14:51:10.909Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8-1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.E"
                },
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8-1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Picasso-FP5 1.0.1.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Renoir\nCezanne\nRaven Ridge\nRaven Ridge 2\nPicasso\nSummit\nPinnacle Ridge\nMatisse\nVermeer",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI_1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI_1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5 1.2.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6_1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6_1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "DragonRangeFL1 1.0.0.3d"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5 1.2.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6_1.0.1.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6_1.0.1.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Picasso-FP5 1.0.1.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Picasso-FP5 1.0.1.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI_1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI_1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1005"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedAM5PI 1.0.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6_1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Embedded-PI_FP7r2 100A"
                }
              ]
            }
          ],
          "datePublic": "2025-09-06T16:59:17.867Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a loss of integrity.\u003cbr\u003e"
                }
              ],
              "value": "Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a loss of integrity."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-129",
                  "description": "CWE-129  Improper Validation of Array Index",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-06T17:20:19.749Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4012.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2024-21970",
        "datePublished": "2025-09-06T17:20:19.749Z",
        "dateReserved": "2024-01-03T16:43:28.699Z",
        "dateUpdated": "2025-09-08T14:51:10.909Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-21947 (GCVE-0-2024-21947)

    Vulnerability from cvelistv5 – Published: 2025-09-06 17:10 – Updated: 2026-02-26 17:49
    VLAI
    Summary
    Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory potentially resulting in arbitrary code execution at the SMM level.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1220 - Insufficient Granularity of Access Control
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Ryzen™ Threadripper™ 3000 Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8-1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6_1.0.1.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Unaffected: CastlePeakWSPI-sWRX8 1.0.0.E
    Unaffected: ChagallWSPI-sWRX8-1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4 1.0.0.B
    Unaffected: ComboAM4v2PI_1.2.0.CA
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: Picasso-FP5 1.0.1.1
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: Picasso-FP5 1.0.1.1
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2PI_1.2.0.CA
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4 1.0.0.B
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors Unaffected: ComboAM5 1.2.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Unaffected: PhoenixPI-FP8-FP7_1.1.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: Renoir-FP6 1.0.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: Rembrandt-FP7 1.0.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5 1.2.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6_1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics Unaffected: DragonRangeFL1 1.0.0.3d
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: Rembrandt-FP7 1.0.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6_1.0.1.0
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4v2PI_1.2.0.CA
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors Unaffected: ComboAM4v2PI_1.2.0.CA
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5 120C
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5_1003
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Unaffected: EmbeddedPI-FP5 120C
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6_1.0.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: Embedded-PI_FP7r2 1009
    Create a notification for this product.
    Date Public
    2025-09-06 16:50
    Credits
    Reported through AMD Bug Bounty Program
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-21947",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-09T03:55:22.910224Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:49:10.599Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8-1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6_1.0.1.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.E"
                },
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8-1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4 1.0.0.B"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI_1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Picasso-FP5 1.0.1.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Picasso-FP5 1.0.1.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI_1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5 1.2.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7_1.1.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Renoir-FP6 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Rembrandt-FP7 1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5 1.2.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6_1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "DragonRangeFL1 1.0.0.3d"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Rembrandt-FP7 1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6_1.0.1.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI_1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI_1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 120C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5_1003"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 120C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6_1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Embedded-PI_FP7r2 1009"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Reported through AMD Bug Bounty Program"
            }
          ],
          "datePublic": "2025-09-06T16:50:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory potentially resulting in arbitrary code execution at the SMM level.\u003cbr\u003e"
                }
              ],
              "value": "Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory potentially resulting in arbitrary code execution at the SMM level."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1220",
                  "description": "CWE-1220 Insufficient Granularity of Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-23T21:24:22.687Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4012.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2024-21947",
        "datePublished": "2025-09-06T17:10:47.951Z",
        "dateReserved": "2024-01-03T16:43:21.322Z",
        "dateUpdated": "2026-02-26T17:49:10.599Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2021-46750 (GCVE-0-2021-46750)

    Vulnerability from cvelistv5 – Published: 2025-09-06 16:03 – Updated: 2025-09-08 13:45
    VLAI
    Summary
    Failure to validate the address and size in TEE (Trusted Execution Environment) may allow a malicious x86 attacker to send malformed messages to the graphics mailbox resulting in an overlap of a TMR (Trusted Memory Region) that was previously allocated by the ASP bootloader leading to a potential loss of integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7_0.0.8.0 RC1
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7_0.0.8.0 RC1
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5_1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6_1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Unaffected: EmbeddedPI-FP7r2_1000
    Create a notification for this product.
    AMD AMD Radeon™ RX 6000 Series Graphics Products Unaffected: AMD Software: Adrenalin Edition 23.12.1 (23.30.13.01)
    Create a notification for this product.
    AMD AMD Radeon™ PRO W6000 Series Graphics Products Unaffected: AMD Software: PRO Edition 23.Q4 (23.30.13.03)
    Create a notification for this product.
    AMD AMD Radeon™ PRO V620 Graphics Products Unaffected: Contact your AMD Customer Engineering representative
    Create a notification for this product.
    Date Public
    2025-09-06 15:42
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-46750",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-08T13:44:54.633621Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-08T13:45:05.234Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_0.0.8.0 RC1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_0.0.8.0 RC1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5_1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6_1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2_1000"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: Adrenalin Edition 23.12.1 (23.30.13.01)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 23.Q4 (23.30.13.03)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO V620 Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Contact your AMD Customer Engineering representative"
                }
              ]
            }
          ],
          "datePublic": "2025-09-06T15:42:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Failure to validate the address and size in TEE (Trusted Execution Environment) may allow a malicious x86 attacker to send malformed messages to the graphics mailbox resulting in an overlap of a TMR (Trusted Memory Region) that was previously allocated by the ASP bootloader leading to a potential loss of integrity.\u003cbr\u003e"
                }
              ],
              "value": "Failure to validate the address and size in TEE (Trusted Execution Environment) may allow a malicious x86 attacker to send malformed messages to the graphics mailbox resulting in an overlap of a TMR (Trusted Memory Region) that was previously allocated by the ASP bootloader leading to a potential loss of integrity."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190  Integer Overflow or Wraparound",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-06T16:03:55.584Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4012.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6018.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-46750",
        "datePublished": "2025-09-06T16:03:55.584Z",
        "dateReserved": "2022-03-31T16:50:27.866Z",
        "dateUpdated": "2025-09-08T13:45:05.234Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-26377 (GCVE-0-2021-26377)

    Vulnerability from cvelistv5 – Published: 2025-09-06 15:18 – Updated: 2025-09-08 13:47
    VLAI
    Summary
    Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer overflow, leading to a potential denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: CastlePeakWSPI-sWRX8 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Unaffected: PollockPI-FT5 1.0.0.4
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4PI 1.0.0.9/ ComboAM4 V2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4 V2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7_0.0.8.0 RC1
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5_1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6_1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2_1000
    Create a notification for this product.
    AMD AMD Radeon™ RX 5000 Series Graphics Products Unaffected: AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)
    Unaffected: AMD Software: PRO Edition 24.Q2 (24.10.20)
    Create a notification for this product.
    AMD AMD Radeon™ PRO W5000 Series Graphics Products Unaffected: AMD Software: PRO Edition 24.Q2 (24.10.20)
    Create a notification for this product.
    AMD AMD Radeon™ RX 6000 Series Graphics Products Unaffected: AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)
    Unaffected: AMD Software: PRO Edition 24.Q2 (24.10.20)
    Create a notification for this product.
    AMD AMD Radeon™ PRO W6000 Series Graphics Products Unaffected: AMD Software: PRO Edition 24.Q2 (24.10.20)
    Create a notification for this product.
    AMD AMD Radeon™ Instinct™ MI25 Graphics Products Unaffected: Contact your AMD Customer Engineering representative
    Create a notification for this product.
    AMD AMD Radeon™ PRO V520 Graphics Products Unaffected: Contact your AMD Customer Engineering representative
    Create a notification for this product.
    AMD AMD Radeon™ PRO V620 Graphics Products Unaffected: Contact your AMD Customer Engineering representative
    Create a notification for this product.
    Date Public
    2025-09-06 14:57
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-26377",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-08T13:46:56.766235Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-08T13:47:10.991Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.0.E"
                },
                {
                  "status": "unaffected",
                  "version": "PollockPI-FT5 1.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.9/ ComboAM4 V2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4 V2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_0.0.8.0 RC1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5_1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6_1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2_1000"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
                },
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
                },
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 Instinct\u2122 MI25 Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Contact your AMD Customer Engineering representative"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO V520 Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Contact your AMD Customer Engineering representative"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO V620 Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Contact your AMD Customer Engineering representative"
                }
              ]
            }
          ],
          "datePublic": "2025-09-06T14:57:52.467Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer overflow, leading to a potential denial of service.\r\n\u003cbr\u003e"
                }
              ],
              "value": "Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer overflow, leading to a potential denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 4.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190  Integer Overflow or Wraparound",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-06T15:18:56.502Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4012.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6018.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-26377",
        "datePublished": "2025-09-06T15:18:56.502Z",
        "dateReserved": "2021-01-29T21:24:26.157Z",
        "dateUpdated": "2025-09-08T13:47:10.991Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20599 (GCVE-0-2023-20599)

    Vulnerability from cvelistv5 – Published: 2025-06-10 16:15 – Updated: 2026-02-26 17:51
    VLAI
    Summary
    Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto Co-Processor (CCP) registers from x86 resulting in potential loss of control of cryptographic key pointer/index leading to loss of integrity or confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1262 - Register Interface Allows Software Access to Sensitive Data or Security Settings
    Assigner
    AMD
    Date Public
    2025-11-21 20:45
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20599",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-11T04:01:37.861337Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:51:02.287Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RomePI 100H SEV 0.24.19 [hex 00.18.13]"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3_1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.C"
                },
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.H"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5_1.0.1.2c"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbRomePI-SP3 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1211"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1211"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1006"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1211 RC1"
                }
              ]
            }
          ],
          "datePublic": "2025-11-21T20:45:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP\u2019s Crypto Co-Processor (CCP) registers from x86 resulting in potential loss of control of cryptographic key pointer/index leading to loss of integrity or confidentiality.\u003cbr\u003e"
                }
              ],
              "value": "Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP\u2019s Crypto Co-Processor (CCP) registers from x86 resulting in potential loss of control of cryptographic key pointer/index leading to loss of integrity or confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 7.9,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1262",
                  "description": "CWE-1262  Register Interface Allows Software Access to Sensitive Data or Security Settings",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-23T16:43:00.282Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-7039.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20599",
        "datePublished": "2025-06-10T16:15:03.641Z",
        "dateReserved": "2022-10-27T18:53:39.763Z",
        "dateUpdated": "2026-02-26T17:51:02.287Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-21981 (GCVE-0-2024-21981)

    Vulnerability from cvelistv5 – Published: 2024-08-13 16:54 – Updated: 2024-08-15 18:09
    VLAI
    Summary
    Improper key usage control in AMD Secure Processor (ASP) may allow an attacker with local access who has gained arbitrary code execution privilege in ASP to extract ASP cryptographic keys, potentially resulting in loss of confidentiality and integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-639 - Authorization Bypass Through User-Controlled Key
    Assigner
    AMD
    References
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7001 Series Processors Affected: various (PI)
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX Processors Affected: various
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Affected: various
    Create a notification for this product.
    amd athlon Affected: 0 , < * (custom)
        cpe:2.3:h:amd:athlon:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen Affected: 0 , < * (custom)
        cpe:2.3:h:amd:ryzen:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd epyc Affected: 0 , < * (custom)
        cpe:2.3:h:amd:epyc:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:amd:athlon:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "athlon",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:epyc:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "epyc",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-21981",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-15T17:56:59.454756Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-639",
                    "description": "CWE-639 Authorization Bypass Through User-Controlled Key",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-15T18:09:24.358Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "packageName": "PI",
              "product": "AMD EPYC\u2122 7001 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper key usage control in AMD Secure Processor\n(ASP) may allow an attacker with local access \u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003ewho has gained arbitrary code\nexecution privilege in ASP\u0026nbsp;\u003c/a\u003eto\nextract ASP cryptographic keys, potentially resulting in loss of\nconfidentiality and integrity.\n\n\u003cdiv\u003e\n\n\n\n\n\n\u003cdiv\u003e\n\n\u003cdiv\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\n\n\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "Improper key usage control in AMD Secure Processor\n(ASP) may allow an attacker with local access who has gained arbitrary code\nexecution privilege in ASP\u00a0to\nextract ASP cryptographic keys, potentially resulting in loss of\nconfidentiality and integrity."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:54:58.122Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2024-21981",
        "datePublished": "2024-08-13T16:54:58.122Z",
        "dateReserved": "2024-01-03T16:43:30.197Z",
        "dateUpdated": "2024-08-15T18:09:24.358Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20518 (GCVE-0-2023-20518)

    Vulnerability from cvelistv5 – Published: 2024-08-13 16:52 – Updated: 2024-11-05 17:10
    VLAI
    Summary
    Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 9004 Series Processors Unaffected: GenoaPI 1.0.0.4 (PI)
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4V1 1.0.0.A
    Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5 1.0.0.6
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4V2 1.2.0.A
    Unaffected: ComboAM4V1 1.0.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.6
    Unaffected: CastlePeakWSPI-sWRX8 1.0.0.B
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.6
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.F
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PollockPI-FT5 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.4
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.3
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Unaffected: EmbeddedAM5PI 1.0.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2 1.0.0.5
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20518",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-15T14:20:09.090291Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-459",
                    "description": "CWE-459 Incomplete Cleanup",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-05T17:10:30.170Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI 1.0.0.4",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V1 1.0.0.A"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4V1 1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3  1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8  1.0.0.6"
                },
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8  1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5  1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PollockPI-FT5   1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5  1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6  1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6 1.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5  1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedAM5PI  1.0.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2 1.0.0.5"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 1.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:52:55.976Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5002.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20518",
        "datePublished": "2024-08-13T16:52:55.976Z",
        "dateReserved": "2022-10-27T18:53:39.736Z",
        "dateUpdated": "2024-11-05T17:10:30.170Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-23817 (GCVE-0-2022-23817)

    Vulnerability from cvelistv5 – Published: 2024-08-13 16:51 – Updated: 2026-05-15 03:03
    VLAI
    Summary
    Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.5
    Unaffected: CastlePeakWSPI-sWRX8 1.0.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4v2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4V1 1.0.0.A
    Unaffected: ComboAM4V2 1.2.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 2000 Mobile Processors Unaffected: ComboAM4v2 PI 1.2.0.8
    Unaffected: ComboAM4PI 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors Unaffected: ComboAM4v2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7_1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge") Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Picasso") Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processor Unaffected: EmbeddedPI-FP6_1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2_1002
    Create a notification for this product.
    AMD AMD Radeon™ RX 5000 Series Graphics Products Unaffected: AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)
    Create a notification for this product.
    AMD AMD Radeon™ PRO W5000 Series Graphics Products Unaffected: AMD Software: PRO Edition 22.Q2 (22.10.20)
    Create a notification for this product.
    AMD AMD Radeon™ RX 6000 Series Graphics Products Unaffected: AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)
    Create a notification for this product.
    AMD AMD Radeon™ PRO W6000 Series Graphics Products Unaffected: AMD Software: PRO Edition 22.Q2 (22.10.20)
    Create a notification for this product.
    AMD MI-25 / 50 Unaffected: No fix planned
    Create a notification for this product.
    AMD MI-100 Unaffected: ROCm 6.4.2
    Create a notification for this product.
    AMD AMD Instinct™ MI250 Unaffected: ROCm 7.0
    Create a notification for this product.
    AMD AMD Instinct™ MI210 Unaffected: ROCm 7.0
    Create a notification for this product.
    amd ryzen_3_3300x_firmware Unaffected: 0 , < comboam4v2_1.2.0.a (custom)
        cpe:2.3:o:amd:ryzen_9_3900_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_3900x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_3900xt_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_3950x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3700x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3800x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3800xt_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3500_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3500x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3600_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3600x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3600xt_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3100_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3300x_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_3300u_firmware Unaffected: 0 , < picassopi-fp5_1.0.0.e (custom)
        cpe:2.3:o:amd:ryzen_7_3700c_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3700u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3750h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3780u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3450u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3500c_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3500u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3550h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3580u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3350u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3300u_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_pro_3200g_firmware Unaffected: 0 , < comboam4v2_pi_1.2.0.8 (custom)
        cpe:2.3:o:amd:ryzen_7_4700g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4700ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4600ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4600g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_4300ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_4300g_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_5_7500f_firmware Unaffected: 0 , < comboam5_1.0.8.0 (custom)
        cpe:2.3:o:amd:ryzen_5_7500f_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_threadripper_pro_3995wx_firmware Unaffected: 0 , < castlepeakpi-sp3r3_1.0.0.8 (custom)
        cpe:2.3:o:amd:ryzen_threadripper_3960x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_3970x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_3990x_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_threadripper_pro_3995wx_firmware Unaffected: 0 , < castlepeakwspi-swrx8_1.0.0.a (custom)
        cpe:2.3:o:amd:ryzen_threadripper_pro_3945wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_3955wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_3975wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_3995wx_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_threadripper_pro_5995wx_firmware Unaffected: 0 , < chagallwspi-swrx8_1.0.0.5 (custom)
        cpe:2.3:o:amd:ryzen_threadripper_pro_5945wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_5955wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_5965wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_5975wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_5995wx_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_4300u_firmware Unaffected: 0 , < renoirpi-fp6_1.0.0.a (custom)
        cpe:2.3:o:amd:ryzen_9_4900h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_4900hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4700u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4800h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4800hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4800u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4980u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4500u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4600h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4600hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4600u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4680u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_4300u_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_5_6600u_firmware Unaffected: 0 , < rembrandtpi-fp7_1.0.0.5 (custom)
        cpe:2.3:o:amd:ryzen_9_6900hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_6900hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_6980hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_6980hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_6800h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_6800hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_6800u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_6600h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_6600hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_6600u_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_7335u_firmware Unaffected: 0 , < rembrandtpi-fp7_1.0.0.5 (custom)
        cpe:2.3:o:amd:ryzen_7_7735hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_7735u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_7736u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_7535hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_7535u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_7335u_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_7_7745hx_firmware Unaffected: 0 , < dragonrangefl1pi_1.0.0.3b (custom)
        cpe:2.3:o:amd:ryzen_9_7945hx3d_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_7945hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_7845hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_7745hx_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_5_5600x_firmware Unaffected: 0 , < comboam4v2_pi_1.2.0.8 (custom)
        cpe:2.3:o:amd:ryzen_9_5900_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_5900x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_5950x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5700_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5700x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800x3d_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5500_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600x3d_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600x_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_5300g_firmware Unaffected: 0 , < cezannepi-fp6_1.0.0.c (custom)
        cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_pro_3350ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_pro_3350g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_pro_3400ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_pro_3400g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3200g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_pro_3200ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_pro_3200g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5700ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5700g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5500gt_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600gt_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5300ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_5300g_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_5425c_firmware Unaffected: 0 , < cezannepi-fp6_1.0.0.c (custom)
        cpe:2.3:o:amd:ryzen_9_5900hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_5900hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_5980hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_5980hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5825u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5500h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5560u_firmware:cezannepi-fp6_1.0.0.9:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5625u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_5125c_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_5400u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_5425c_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd athlon_pro_300ge_firmware Unaffected: 0 , < picassopi-fp5_1.0.0.e (custom)
        cpe:2.3:o:amd:athlon_3000g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:athlon_gold_3150ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:athlon_gold_pro_3150ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:athlon_gold_pro_3150g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:athlon_pro_300ge_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2026-05-15 03:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_3900_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_3900x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_3900xt_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_3950x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3700x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3800x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3800xt_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3500_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3500x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3600_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3600x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3600xt_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3100_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3300x_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_3300x_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "comboam4v2_1.2.0.a",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_7_3700c_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3700u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3750h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3780u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3450u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3500c_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3500u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3550h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3580u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3350u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3300u_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_3300u_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "picassopi-fp5_1.0.0.e",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_7_4700g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4700ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4600ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4600g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_4300ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_4300g_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_pro_3200g_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "comboam4v2_pi_1.2.0.8",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_5_7500f_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_5_7500f_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "comboam5_1.0.8.0",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_threadripper_3960x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_3970x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_3990x_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_threadripper_pro_3995wx_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "castlepeakpi-sp3r3_1.0.0.8",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_3945wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_3955wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_3975wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_3995wx_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_threadripper_pro_3995wx_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "castlepeakwspi-swrx8_1.0.0.a",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_5945wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_5955wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_5965wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_5975wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_5995wx_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_threadripper_pro_5995wx_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "chagallwspi-swrx8_1.0.0.5",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_4900h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_4900hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4700u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4800h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4800hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4800u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4980u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4500u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4600h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4600hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4600u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4680u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_4300u_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_4300u_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "renoirpi-fp6_1.0.0.a",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_6900hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_6900hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_6980hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_6980hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_6800h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_6800hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_6800u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_6600h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_6600hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_6600u_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_5_6600u_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "rembrandtpi-fp7_1.0.0.5",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_7_7735hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_7735u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_7736u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_7535hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_7535u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_7335u_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_7335u_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "rembrandtpi-fp7_1.0.0.5",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_7945hx3d_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_7945hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_7845hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_7745hx_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_7_7745hx_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "dragonrangefl1pi_1.0.0.3b",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_5900_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_5900x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_5950x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5700_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5700x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800x3d_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5500_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600x3d_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600x_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_5_5600x_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "comboam4v2_pi_1.2.0.8",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_pro_3350ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_pro_3350g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_pro_3400ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_pro_3400g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3200g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_pro_3200ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_pro_3200g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5700ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5700g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5500gt_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600gt_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5300ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_5300g_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_5300g_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "cezannepi-fp6_1.0.0.c",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_5900hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_5900hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_5980hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_5980hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5825u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5500h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5560u_firmware:cezannepi-fp6_1.0.0.9:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5625u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_5125c_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_5400u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_5425c_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_5425c_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "cezannepi-fp6_1.0.0.c",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:athlon_3000g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:athlon_gold_3150ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:athlon_gold_pro_3150ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:athlon_gold_pro_3150g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:athlon_pro_300ge_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "athlon_pro_300ge_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "picassopi-fp5_1.0.0.e",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-23817",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-13T17:51:43.434721Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-16T20:27:19.545Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.5"
                },
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V1 1.0.0.A"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 2000 Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Picasso\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processor",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6_1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2_1002"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 22.Q2 (22.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 22.Q2 (22.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "MI-25 / 50",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "No fix planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "MI-100",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ROCm 6.4.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Instinct\u2122 MI250",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ROCm 7.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Instinct\u2122 MI210",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ROCm 7.0"
                }
              ]
            }
          ],
          "datePublic": "2026-05-15T03:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation.\u003cbr\u003e"
                }
              ],
              "value": "Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20  Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T03:03:25.036Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5002.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4004.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-1029.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6027.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2022-23817",
        "datePublished": "2024-08-13T16:51:45.468Z",
        "dateReserved": "2022-01-21T17:14:12.302Z",
        "dateUpdated": "2026-05-15T03:03:25.036Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2021-46772 (GCVE-0-2021-46772)

    Vulnerability from cvelistv5 – Published: 2024-08-13 16:50 – Updated: 2024-11-05 21:18
    VLAI
    Summary
    Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corruption or denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7002 Series Processors Unaffected: RomePI 1.0.0.E (PI)
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Unaffected: MilanPI 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Affected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.6
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.3
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Unaffected: EmbRomePI-SP3 1.0.0.8
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Unaffected: EmbMilanPI-SP3 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2 1.0.0.4
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-46772",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-15T14:19:27.997821Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              },
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-05T21:18:50.631Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RomePI 1.0.0.E",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6 1.0.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbRomePI-SP3  1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3  1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2 1.0.0.4"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInsufficient input validation in the ABL may allow a privileged\nattacker with access to the BIOS menu or UEFI shell to tamper with the\nstructure headers in SPI ROM causing an out of bounds memory read and write,\npotentially resulting in memory corruption or denial of service.\n\n\n\n\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "Insufficient input validation in the ABL may allow a privileged\nattacker with access to the BIOS menu or UEFI shell to tamper with the\nstructure headers in SPI ROM causing an out of bounds memory read and write,\npotentially resulting in memory corruption or denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 3.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:50:54.016Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4004.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5002.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-46772",
        "datePublished": "2024-08-13T16:50:54.016Z",
        "dateReserved": "2022-03-31T16:50:27.872Z",
        "dateUpdated": "2024-11-05T21:18:50.631Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-46746 (GCVE-0-2021-46746)

    Vulnerability from cvelistv5 – Published: 2024-08-13 16:50 – Updated: 2024-10-31 13:57
    VLAI
    Summary
    Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing keys to c006Frrupt the return address, causing a stack-based buffer overrun, potentially leading to a denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    AMD
    References
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7001 Processors Affected: various (PI)
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4PI 1.0.0.9
    Unaffected: ComboAM4 V2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4V2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Affected: ComboAM5 1.0.8.0
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4PI 1.0.0.9
    Unaffected: ComboAM4v2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.2
    Unaffected: CastlePeakWSPI-sWRX8 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.2
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: PollockPI-FT5 1.0.0.4
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors Unaffected: DragonRangeFL1PI 1.0.0.3b
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Unaffected: EmbeddedAM5PI 1.0.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6 1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2 1.0.0.2
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-46746",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-14T16:06:22.367564Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-31T13:57:25.237Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7001 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.9"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4 V2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "ComboAM5 1.0.8.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.9"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3  1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.2"
                },
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "PollockPI-FT5  1.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "DragonRangeFL1PI 1.0.0.3b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5  1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI  1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedAM5PI  1.0.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2 1.0.0.2"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eLack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (\u003ca target=\"_blank\" rel=\"nofollow\"\u003eTEE\u003c/a\u003e) may allow a privileged attacker with access to AMD signing\nkeys to c006Frrupt the return address, causing a\nstack-based buffer overrun, \u003ca target=\"_blank\" rel=\"nofollow\"\u003epotentially\u003c/a\u003e\u0026nbsp;leading to a denial of service.\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing\nkeys to c006Frrupt the return address, causing a\nstack-based buffer overrun, potentially\u00a0leading to a denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:50:51.023Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-46746",
        "datePublished": "2024-08-13T16:50:51.023Z",
        "dateReserved": "2022-03-31T16:50:27.864Z",
        "dateUpdated": "2024-10-31T13:57:25.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-26387 (GCVE-0-2021-26387)

    Vulnerability from cvelistv5 – Published: 2024-08-13 16:50 – Updated: 2024-10-30 17:59
    VLAI
    Summary
    Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7001 Series Processors Affected: various (PI)
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4PI 1.0.0.9
    Unaffected: ComboAM4 V2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4 V2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2 PI 1.2.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5 1.0.8.0
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4PI 1.0.0.9
    Unaffected: ComboAM4v2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.2
    Unaffected: CastlePeakWSPI-sWRX8 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.2
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PollockPI-FT5 1.0.0.4
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.9b
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.9b
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.9
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6 1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2 1.0.0.9
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-26387",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-14T15:47:34.441746Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-863",
                    "description": "CWE-863 Incorrect Authorization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-30T17:59:30.394Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "packageName": "PI",
              "product": "AMD EPYC\u2122 7001 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.9"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4 V2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4 V2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5 1.0.8.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.9"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3  1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.2"
                },
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PollockPI-FT5  1.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6  1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6  1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.9b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.9b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI  1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2 1.0.0.9"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInsufficient access controls in ASP kernel may allow a\nprivileged attacker with access to AMD signing keys and the BIOS menu or UEFI\nshell to map DRAM regions in protected \u003ca target=\"_blank\" rel=\"nofollow\"\u003eareas,\u003c/a\u003e\u0026nbsp;potentially leading to a loss of platform integrity.\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "Insufficient access controls in ASP kernel may allow a\nprivileged attacker with access to AMD signing keys and the BIOS menu or UEFI\nshell to map DRAM regions in protected areas,\u00a0potentially leading to a loss of platform integrity."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 3.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:50:22.151Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5002.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-26387",
        "datePublished": "2024-08-13T16:50:22.151Z",
        "dateReserved": "2021-01-29T21:24:26.161Z",
        "dateUpdated": "2024-10-30T17:59:30.394Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-26367 (GCVE-0-2021-26367)

    Vulnerability from cvelistv5 – Published: 2024-08-13 16:50 – Updated: 2024-12-04 16:25
    VLAI
    Summary
    A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4PI 1.0.0.9
    Unaffected: ComboAM4v2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PollockPI-FT5 1.0.0.4
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.6
    Create a notification for this product.
    AMD AMD Radeon™ RX 6000 Series Graphics Cards Unaffected: AMD Software: Adrenalin Edition 23.12.1 (23.30.13.01)
    Create a notification for this product.
    AMD AMD Radeon™ PRO W6000 Series Graphics Cards Unaffected: AMD Software: PRO Edition 23.Q4 (23.30.13.03)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6 1.0.0.6
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-26367",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-13T18:04:31.680686Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-04T16:25:09.987Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI  1.0.0.9"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PollockPI-FT5  1.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6  1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 RX 6000 Series Graphics Cards",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software:  Adrenalin Edition 23.12.1 (23.30.13.01)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Cards",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software:  PRO Edition 23.Q4 (23.30.13.03)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6 1.0.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability."
                }
              ],
              "value": "A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:50:05.825Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4004.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6005.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-26367",
        "datePublished": "2024-08-13T16:50:05.825Z",
        "dateReserved": "2021-01-29T21:24:26.151Z",
        "dateUpdated": "2024-12-04T16:25:09.987Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-26344 (GCVE-0-2021-26344)

    Vulnerability from cvelistv5 – Published: 2024-08-13 16:49 – Updated: 2025-03-18 15:35
    VLAI
    Summary
    An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker with access the ability to modify the BIOS image, and the ability to sign the resulting image, to potentially modify the APCB block resulting in arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    AMD
    References
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7001 Series Processors Affected: various (PI)
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Processors Unaffected: RomePI 1.0.0.C
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Unaffected: MilanPI 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.6
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.3
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Unaffected: EmbRomePI-SP3 1.0.0.6
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Series Processors Affected: Various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Unaffected: EmbMilanPI-SP3 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Affected: v
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Affected: v
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Affected: v
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Affected: v
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Affected: v
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2 1.0.0.4
    Create a notification for this product.
    amd naplespi Affected: 0 , < 1.0.0.k (custom)
        cpe:2.3:h:amd:naplespi:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd romepi Affected: 0 , < 1.0.0.C (custom)
        cpe:2.3:h:amd:romepi:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd milanpi Affected: 0 , < 1.0.0.5 (custom)
        cpe:2.3:h:amd:milanpi:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:amd:naplespi:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "naplespi",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "1.0.0.k",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:romepi:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "romepi",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "1.0.0.C",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:milanpi:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "milanpi",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "1.0.0.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-26344",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-13T18:29:11.333464Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-18T15:35:45.232Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7001 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RomePI 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8  1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6 1.0.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbRomePI-SP3  1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "Various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3  1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "v"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "v"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "v"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "v"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "v"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2 1.0.0.4"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn out of bounds memory write when processing the AMD\nPSP1 Configuration Block (APCB) could allow an attacker with access the ability\nto modify the BIOS image, and the ability to sign the resulting image, to\npotentially modify the APCB block resulting in arbitrary code execution.\n\n\n\n\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "An out of bounds memory write when processing the AMD\nPSP1 Configuration Block (APCB) could allow an attacker with access the ability\nto modify the BIOS image, and the ability to sign the resulting image, to\npotentially modify the APCB block resulting in arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:49:52.889Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-26344",
        "datePublished": "2024-08-13T16:49:52.889Z",
        "dateReserved": "2021-01-29T21:24:26.145Z",
        "dateUpdated": "2025-03-18T15:35:45.232Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }