Search

Find a vulnerability

Search criteria

    36 vulnerabilities found for AMD Ryzen™ Threadripper™ 3000 Series Processors by AMD

    CVE-2023-20572 (GCVE-0-2023-20572)

    Vulnerability from nvd – Published: 2026-06-26 15:53 – Updated: 2026-06-26 15:59
    VLAI
    Summary
    An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing the input of an arbitrary message, potentially leading to a loss of data integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-208 - Observable timing discrepancy
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: Picasso-FP5 1.0.1.1
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: Pollock-FT5 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: Cezanne-FP6 1.0.1.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile processors with Radeon™ Graphics Unaffected: Cezanne-FP6 1.0.1.0
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: Renoir-FP6 1.0.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: Rembrandt-FP7 1.0.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.6
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.CA
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.CA
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.CA
    Unaffected: ComboAM4PI 1.0.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.CA
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors Unaffected: ComboAM5 1.0.0.7a
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5 1.0.0.7a
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: CastlePeakWSPI-sWRX8 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 7000 Processors Unaffected: StormPeakPI-SP6 1.1.0.0c
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000WX-Series Processors Unaffected: StormPeakPI-SP6 1.0.0.1e
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20572",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-26T15:59:13.642252Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-26T15:59:23.309Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Picasso-FP5  1.0.1.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Pollock-FT5  1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Cezanne-FP6  1.0.1.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Cezanne-FP6  1.0.1.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Renoir-FP6  1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Rembrandt-FP7  1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6  1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI  1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI  1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI  1.2.0.CA"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI  1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI  1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI  1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5  1.0.0.7a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5  1.0.0.7a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3  1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8  1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6  1.1.0.0c"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6  1.0.0.1e"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing the input of an arbitrary message, potentially leading to a loss of data integrity."
                }
              ],
              "value": "An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing the input of an arbitrary message, potentially leading to a loss of data integrity."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-208",
                  "description": "CWE-208 Observable timing discrepancy",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-26T15:53:38.503Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4012.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20572",
        "datePublished": "2026-06-26T15:53:38.503Z",
        "dateReserved": "2022-10-27T18:53:39.755Z",
        "dateUpdated": "2026-06-26T15:59:23.309Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-20540 (GCVE-0-2023-20540)

    Vulnerability from nvd – Published: 2026-06-26 15:44 – Updated: 2026-06-26 16:00
    VLAI
    Summary
    An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing arbitrary message input, potentially leading to a loss of data integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-208 - Observable timing discrepancy
    Assigner
    AMD
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20540",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-26T16:00:48.333509Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-26T16:00:59.349Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4  1.0.0.E"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI  1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI  1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3  1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8  1.0.0.9"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing arbitrary message input, potentially leading to a loss of data integrity."
                }
              ],
              "value": "An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing arbitrary message input, potentially leading to a loss of data integrity."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 1.8,
                "baseSeverity": "LOW",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-208",
                  "description": "CWE-208 Observable timing discrepancy",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-26T15:44:59.841Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4012.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20540",
        "datePublished": "2026-06-26T15:44:59.841Z",
        "dateReserved": "2022-10-27T18:53:39.742Z",
        "dateUpdated": "2026-06-26T16:00:59.349Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-0045 (GCVE-0-2025-0045)

    Vulnerability from nvd – Published: 2026-05-15 01:47 – Updated: 2026-05-15 13:35
    VLAI
    Summary
    Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Z1 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 9000HX Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ AI Max 300 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 9000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 9000 WX-Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 9000 Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 7000 Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Z2 Series Processors Extreme Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ AI 300 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 2000 Mobile Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Catalyst™ WHQL certified driver (71251)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: Q2- 2025 AMD Embedded R2000, V2000 Windows® Catalyst™ WHQL certified driver (68914)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge") Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Catalyst™ WHQL certified driver (71251)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: Q2- 2025 AMD Embedded R2000, V2000 Windows® Catalyst™ WHQL certified driver (68914)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 8000 Series Processors Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 9000 Series Processors Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 8004 Series Processors Unaffected: Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9005 Series Processors Unaffected: Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 4005 Series Processors Unaffected: AM5 Windows Chipset Drivers with Digital Signature Fix (64284)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 4004 Series Processors Unaffected: AM5 Windows Chipset Drivers with Digital Signature Fix (64284)
    Create a notification for this product.
    AMD AMD EPYC™ 4004 Series Processors Unaffected: AMD Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD EPYC™ 4005 Series Processors Unaffected: AMD Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    Date Public
    2026-05-15 01:44
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-0045",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-15T13:35:07.970276Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-15T13:35:15.206Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics\r\nRyzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Z1 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000HX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI Max 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 9000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 9000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Z2 Series Processors Extreme",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 2000 Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Catalyst\u2122 WHQL certified driver (71251)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2- 2025 AMD Embedded R2000, V2000 Windows\u00ae Catalyst\u2122 WHQL certified driver (68914)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Catalyst\u2122 WHQL certified driver (71251)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2- 2025 AMD Embedded R2000, V2000 Windows\u00ae Catalyst\u2122 WHQL certified driver (68914)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 4005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AM5 Windows Chipset Drivers with Digital Signature Fix (64284)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 4004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AM5 Windows Chipset Drivers with Digital Signature Fix (64284)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            }
          ],
          "datePublic": "2026-05-15T01:44:38.142Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service\u003cbr\u003e"
                }
              ],
              "value": "Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "CWE-120  Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T01:47:31.317Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3047.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-0045",
        "datePublished": "2026-05-15T01:47:31.317Z",
        "dateReserved": "2024-11-21T16:18:13.504Z",
        "dateUpdated": "2026-05-15T13:35:15.206Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2021-26377 (GCVE-0-2021-26377)

    Vulnerability from nvd – Published: 2025-09-06 15:18 – Updated: 2025-09-08 13:47
    VLAI
    Summary
    Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer overflow, leading to a potential denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: CastlePeakWSPI-sWRX8 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Unaffected: PollockPI-FT5 1.0.0.4
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4PI 1.0.0.9/ ComboAM4 V2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4 V2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7_0.0.8.0 RC1
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5_1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6_1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2_1000
    Create a notification for this product.
    AMD AMD Radeon™ RX 5000 Series Graphics Products Unaffected: AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)
    Unaffected: AMD Software: PRO Edition 24.Q2 (24.10.20)
    Create a notification for this product.
    AMD AMD Radeon™ PRO W5000 Series Graphics Products Unaffected: AMD Software: PRO Edition 24.Q2 (24.10.20)
    Create a notification for this product.
    AMD AMD Radeon™ RX 6000 Series Graphics Products Unaffected: AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)
    Unaffected: AMD Software: PRO Edition 24.Q2 (24.10.20)
    Create a notification for this product.
    AMD AMD Radeon™ PRO W6000 Series Graphics Products Unaffected: AMD Software: PRO Edition 24.Q2 (24.10.20)
    Create a notification for this product.
    AMD AMD Radeon™ Instinct™ MI25 Graphics Products Unaffected: Contact your AMD Customer Engineering representative
    Create a notification for this product.
    AMD AMD Radeon™ PRO V520 Graphics Products Unaffected: Contact your AMD Customer Engineering representative
    Create a notification for this product.
    AMD AMD Radeon™ PRO V620 Graphics Products Unaffected: Contact your AMD Customer Engineering representative
    Create a notification for this product.
    Date Public
    2025-09-06 14:57
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-26377",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-08T13:46:56.766235Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-08T13:47:10.991Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.0.E"
                },
                {
                  "status": "unaffected",
                  "version": "PollockPI-FT5 1.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.9/ ComboAM4 V2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4 V2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_0.0.8.0 RC1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5_1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6_1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2_1000"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
                },
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
                },
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 Instinct\u2122 MI25 Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Contact your AMD Customer Engineering representative"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO V520 Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Contact your AMD Customer Engineering representative"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO V620 Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Contact your AMD Customer Engineering representative"
                }
              ]
            }
          ],
          "datePublic": "2025-09-06T14:57:52.467Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer overflow, leading to a potential denial of service.\r\n\u003cbr\u003e"
                }
              ],
              "value": "Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer overflow, leading to a potential denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 4.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190  Integer Overflow or Wraparound",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-06T15:18:56.502Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4012.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6018.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-26377",
        "datePublished": "2025-09-06T15:18:56.502Z",
        "dateReserved": "2021-01-29T21:24:26.157Z",
        "dateUpdated": "2025-09-08T13:47:10.991Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-36349 (GCVE-0-2024-36349)

    Vulnerability from nvd – Published: 2025-07-08 16:42 – Updated: 2025-07-09 14:00
    VLAI
    Summary
    A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1420 - Exposure of Sensitive Information during Transient Execution
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7002 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ 8004 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ 4004 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ 9V64H Processor Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Affected: all
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Mobile Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 8004 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9004 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Affected: all
    Create a notification for this product.
    Date Public
    2025-07-08 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-36349",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-09T14:00:30.310556Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-09T14:00:36.439Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9V64H Processor",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX- Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122  Embedded 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122  Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122  Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122  Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            }
          ],
          "datePublic": "2025-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.\u003cbr\u003e"
                }
              ],
              "value": "A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.8,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1420",
                  "description": "CWE-1420  Exposure of Sensitive Information during Transient Execution",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-08T16:42:17.471Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7029.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2024-36349",
        "datePublished": "2025-07-08T16:42:17.471Z",
        "dateReserved": "2024-05-23T19:44:50.000Z",
        "dateUpdated": "2025-07-09T14:00:36.439Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-36348 (GCVE-0-2024-36348)

    Vulnerability from nvd – Published: 2025-07-08 16:42 – Updated: 2025-11-04 21:08
    VLAI
    Summary
    A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in information leakage.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1420 - Exposure of Sensitive Information during Transient Execution
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7002 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ 8004 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ 4004 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ 9V64H Processor Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Affected: all
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Mobile Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 8004 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9004 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Affected: all
    Create a notification for this product.
    Date Public
    2025-07-08 16:06
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-36348",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-08T19:01:13.256423Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-08T19:01:28.169Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T21:08:38.170Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2025/08/28/2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9V64H Processor",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX- Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            }
          ],
          "datePublic": "2025-07-08T16:06:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in information leakage."
                }
              ],
              "value": "A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in information leakage."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.8,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1420",
                  "description": "CWE-1420  Exposure of Sensitive Information during Transient Execution",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-08T16:42:32.665Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7029.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2024-36348",
        "datePublished": "2025-07-08T16:42:32.665Z",
        "dateReserved": "2024-05-23T19:44:50.000Z",
        "dateUpdated": "2025-11-04T21:08:38.170Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-36347 (GCVE-0-2024-36347)

    Vulnerability from nvd – Published: 2025-06-27 22:14 – Updated: 2026-02-26 17:50
    VLAI
    Summary
    Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-347 - Improper Verification of Cryptographic Signature
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7001 Series Unaffected: NaplesPI 1.0.0.P
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Unaffected: RomePI 1.0.0.L
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Unaffected: MilanPI 1.0.0.F
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Series Unaffected: Genoa 1.0.0.E
    Create a notification for this product.
    AMD AMD EPYC™ 4004 Series Unaffected: ComboAM5PI1.0.0.a
    Unaffected: ComboAM5PI1.1.0.3c
    Unaffected: ComboAM5PI1.2.0.3
    Create a notification for this product.
    AMD AMD EPYC™ 9005 Series Unaffected: TurinPI 1.0.0.4
    Create a notification for this product.
    AMD AMD Instinct™ MI300A Unaffected: MI300PI_SR5 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4PI 1.0.0.D
    Unaffected: ComboAM4v2PI 1.2.0.E
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4PI 1.0.0.D
    Unaffected: ComboAM4v2PI 1.2.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5PI 1.0.0.a
    Unaffected: ComboAM5PI 1.1.0.3c
    Unaffected: ComboAM5PI 1.2.0.3
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics Unaffected: ComboAM5PI 1.1.0.3c
    Unaffected: ComboAM5PI 1.2.0.3
    Create a notification for this product.
    AMD AMD Ryzen™ 9000 Series Desktop Processors Unaffected: ComboAM5PI 1.2.0.3c
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors Unaffected: StormPeakPI-SP6 1.0.0.1k
    Unaffected: StormPeakPI-SP6 1.1.0.0i
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.B
    Unaffected: CastlePeakWSPI-sWRX8 1.0.0.g
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.B
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.1.2b
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.1.2b
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.Eb
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.1.1b
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.7b
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.Bb
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.Bb
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.1.1b
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics Unaffected: PhoenixPI-FP8-FP7 1.2.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics Unaffected: PhoenixPI-FP8-FP7 1.2.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors Unaffected: DragonRangeFL1 1.0.0.3g
    Create a notification for this product.
    AMD AMD Ryzen™ AI 300 Series Unaffected: StrixKrakenPI-FP8_1.1.0.0b
    Create a notification for this product.
    AMD AMD Ryzen™ AI Max + Unaffected: StrixHaloPI-FP11_1.0.0.1
    Create a notification for this product.
    AMD AMD Ryzen™ 9000HX Series Mobile Processors Unaffected: FireRangeFL1PI 1.0.0.0a
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Unaffected: SnowyOwl PI 1.1.0.E
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Unaffected: EmbRomePI-SP3 1.0.0.D
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Unaffected: EmbMilan PI-SP3 1.0.0.A
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 8004 Unaffected: EmbGenoaPI-SP5 1.0.0.9
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9004 Unaffected: EmbGenoaPI-SP5 1.0.0.9
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 97X4 Unaffected: EmbGenoaPI-SP5 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Unaffected: EmbeddedPI-FP5 1.2.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Unaffected: EmbeddedR2KPI 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Unaffected: EmbAM4PI 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Unaffected: EmbeddedAM5PI 1.0.0.3
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Unaffected: EmbeddedPI-FP5 1.2.0.F
    Create a notification for this product.
    AMD AMD Ryzen™Embedded V2000 Unaffected: EmbeddedPI-FP6 1.0.0.B
    Create a notification for this product.
    AMD AMD Ryzen™Embedded V3000 Unaffected: EmbeddedPI-FP7R2 1.0.0.C
    Create a notification for this product.
    Date Public
    2025-06-27 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-36347",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-01T03:55:55.838463Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:21.428Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7001 Series",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "NaplesPI 1.0.0.P"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RomePI 1.0.0.L"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI 1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Genoa 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4004 Series",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI1.0.0.a"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI1.1.0.3c"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI1.2.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI 1.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Instinct\u2122 MI300A",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MI300PI_SR5 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.D"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.D"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.0.0.a"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.1.0.3c"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.1.0.3c"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.0.3c"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6 1.0.0.1k"
                },
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6 1.1.0.0i"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.B"
                },
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.g"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX- Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.1.2b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.1.2b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.Eb"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.1.1b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6 1.0.0.7b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.Bb"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.Bb"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.1.1b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7 1.2.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7 1.2.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "DragonRangeFL1 1.0.0.3g"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI 300 Series",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StrixKrakenPI-FP8_1.1.0.0b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI Max +",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StrixHaloPI-FP11_1.0.0.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000HX Series Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "FireRangeFL1PI 1.0.0.0a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 3000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "SnowyOwl PI 1.1.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbRomePI-SP3 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilan PI-SP3 1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5  1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 97X4",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5  1.2.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI  1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI  1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedAM5PI  1.0.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122Embedded V2000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122Embedded V3000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7R2 1.0.0.C"
                }
              ]
            }
          ],
          "datePublic": "2025-06-27T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment.\u003cbr\u003e"
                }
              ],
              "value": "Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-347",
                  "description": "CWE-347 Improper Verification of Cryptographic Signature",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-27T22:14:01.944Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7033.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2024-36347",
        "datePublished": "2025-06-27T22:14:01.944Z",
        "dateReserved": "2024-05-23T19:44:47.201Z",
        "dateUpdated": "2026-02-26T17:50:21.428Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-20515 (GCVE-0-2023-20515)

    Vulnerability from nvd – Published: 2025-02-11 21:16 – Updated: 2025-02-12 15:35
    VLAI
    Summary
    Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1284 - Improper Validation of Specified Quantity in Input
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.CA
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.CA
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.CA
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5 1.0.8.0
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.CA
    Unaffected: ComboAM4PI 1.0.0.B
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.CA
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics Unaffected: ComboAM5 1.0.8.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: CastlePeakWSPI-sWRX8 1.0.0.E
    Unaffected: ChagallWSPI-sWRX8 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.7
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: Pollock-FT5 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Unaffected: Picasso-FP5 1.0.1.1
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: Cezanne-FP6 1.0.1.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.9b
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.9b
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics Unaffected: PhoenixPI-FP8-FP7 1.0.8.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Mobile Processors Unaffected: DragonRangeFL1PI 1.0.0.3b
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Unaffected: EmbeddedPI-FP5 1.2.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Unaffected: EmbeddedR2KPI-FP5 1.0.0.3
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Unaffected: EmbAM4PI 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Unaffected: EmbeddedAM5PI 1.0.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Unaffected: EmbeddedPI-FP6 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Unaffected: Embedded-PIFP7r2 1.0.0.8
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20515",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-12T14:03:56.637259Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-12T15:35:01.957Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5 1.0.8.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.CA"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5 1.0.8.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8  1.0.0.E"
                },
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX- Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Pollock-FT5 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Picasso-FP5 1.0.1.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Cezanne-FP6 1.0.1.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.9b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.9b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7 1.0.8.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "DragonRangeFL1PI 1.0.0.3b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1.0.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedAM5PI 1.0.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Embedded-PIFP7r2 1.0.0.8"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability."
                }
              ],
              "value": "Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1284",
                  "description": "CWE-1284 Improper Validation of Specified Quantity in Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-11T21:16:29.016Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20515",
        "datePublished": "2025-02-11T21:16:29.016Z",
        "dateReserved": "2022-10-27T18:53:39.736Z",
        "dateUpdated": "2025-02-12T15:35:01.957Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-21925 (GCVE-0-2024-21925)

    Vulnerability from nvd – Published: 2025-02-11 20:39 – Updated: 2025-06-27 21:55
    VLAI
    Summary
    Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7001 Processors Unaffected: Naples PI 1.0.0.N
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Processors Unaffected: Rome PI 1.0.0.K
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Processors Unaffected: Genoa PI 1.0.0.D
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Processors Unaffected: Milan PI 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4PI 1.0.0.C
    Unaffected: ComboAM4v2PI 1.2.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5PI 1.2.0.2b
    Unaffected: ComboAM5PI 1.1.0.3b
    Unaffected: ComboAM5PI 1.0.0.a
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4PI 1.0.0.C
    Unaffected: ComboAM4v2PI 1.2.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics Unaffected: ComboAM5PI 1.2.0.2b
    Unaffected: ComboAM5PI 1.1.0.3b
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: CastlePeakWSPI-sWRX8 1.0.0.F
    Unaffected: ChagallWSPI-sWRX8 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors Unaffected: StormPeakPI-SP6 1.1.0.0h
    Unaffected: StormPeakPI-SP6 1.0.0.1j
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.1.2a
    Unaffected: PollockPI-FT5 1.0.0.8a
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.1.2a
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.Ea
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.1.1a
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.7a
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.Ba
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.Ba
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics Unaffected: PhoenixPI-FP8-FP7 1.1.8.0
    Create a notification for this product.
    AMD AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics Unaffected: PhoenixPI-FP8-FP7 1.1.8.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Mobile Processors Unaffected: DragonRangeFL1PI 1.0.0.3f
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Unaffected: SnowyOwlPI 1.1.0.E
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Unaffected: EmbRomePI-SP3 1.0.0.D
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Unaffected: EmbMilanPI-SP3 1.0.0.A
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9004 Unaffected: EmbGenoaPI 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Unaffected: EmbAM4PI 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Unaffected: EmbeddedV2KAPI-FP6 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Unaffected: EmbeddedPI-FP6 1.0.0.B
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Unaffected: EmbeddedPI_FP7R2 1.0.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 8000 Unaffected: EmbeddedPhoenixPI-FP7r2_1.2.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Unaffected: EmbeddedPI-FP5 1.2.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Unaffected: EmbeddedR2KPIFP5 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Unaffected: EmbeddedPI-FP5 1.2.0.F
    Create a notification for this product.
    Date Public
    2025-02-11 17:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-21925",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-11T21:01:07.683566Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-12T15:35:34.994Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "AMD EPYC\u2122 7001 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Naples PI 1.0.0.N"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD EPYC\u2122 7002 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Rome PI 1.0.0.K"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD EPYC\u2122 9004 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Genoa PI 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD EPYC\u2122 7003 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Milan PI 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI  1.0.0.C"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.0.2b"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.1.0.3b"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.0.0.a"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI  1.0.0.C"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.0.2b"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.1.0.3b"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3  1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.F"
                },
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX- Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6  1.1.0.0h"
                },
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6  1.0.0.1j"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.1.2a"
                },
                {
                  "status": "unaffected",
                  "version": "PollockPI-FT5 1.0.0.8a"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.1.2a"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.Ea"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.1.1a"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6 1.0.0.7a"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7  1.0.0.Ba"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7  1.0.0.Ba"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7 1.1.8.0"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7 1.1.8.0"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 7000 Series Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "DragonRangeFL1PI 1.0.0.3f"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD EPYC\u2122 Embedded 3000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "SnowyOwlPI 1.1.0.E"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD EPYC\u2122 Embedded 7002",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbRomePI-SP3 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD EPYC\u2122 Embedded 7003",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD EPYC\u2122 Embedded 9004",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 Embedded 5000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 Embedded 7000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedV2KAPI-FP6 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 Embedded V2000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 Embedded V3000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI_FP7R2 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 Embedded 8000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPhoenixPI-FP7r2_1.2.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPIFP5 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.F"
                }
              ]
            }
          ],
          "datePublic": "2025-02-11T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution."
                }
              ],
              "value": "Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-27T21:55:43.707Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7027.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2024-21925",
        "datePublished": "2025-02-11T20:39:03.746Z",
        "dateReserved": "2024-01-03T16:43:09.232Z",
        "dateUpdated": "2025-06-27T21:55:43.707Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-0179 (GCVE-0-2024-0179)

    Vulnerability from nvd – Published: 2025-02-11 20:52 – Updated: 2026-02-26 19:08
    VLAI
    Summary
    SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow locally authenticated attackers to overwrite SMRAM, potentially resulting in arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4PI 1.0.0.C
    Unaffected: ComboAM4v2PI 1.2.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5PI 1.2.0.2b
    Unaffected: ComboAM5PI 1.1.0.3b
    Unaffected: ComboAM5PI 1.0.0.a
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4PI 1.0.0.C
    Unaffected: ComboAM4v2PI 1.2.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics Unaffected: ComboAM5PI 1.2.0.2b
    Unaffected: ComboAM5PI 1.1.0.3b
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: CastlePeakWSPI-sWRX8 1.0.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors Unaffected: StormPeakPI-SP6 1.1.0.0h
    Unaffected: StormPeakPI-SP6 1.0.0.1j
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.1.2a
    Unaffected: PollockPI-FT5 1.0.0.8a
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.1.2a
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.1.2a
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.Ea
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.1.1a
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.7a
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.Ba
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.Ba
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics Unaffected: PhoenixPI-FP8-FP7 1.1.8.0
    Create a notification for this product.
    AMD AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics Unaffected: PhoenixPI-FP8-FP7 1.1.8.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Mobile Processors Unaffected: DragonRangeFL1PI 1.0.0.3f
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Unaffected: EmbeddedPI-FP6 1.0.0.B
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Unaffected: EmbeddedPI_FP7R2 1.0.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 8000 Unaffected: EmbeddedPhoenixPI-FP7r2_1.2.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Unaffected: EmbeddedPI-FP5 1.2.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Unaffected: EmbeddedPI-FP5 1.2.0.F
    Create a notification for this product.
    AMD AMD Ryzen™Embedded R2000 Affected: EmbeddedR2KPIFP5 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Unaffected: EmbAM4PI 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Unaffected: EmbeddedAM5PI 1.0.0.3
    Create a notification for this product.
    Date Public
    2025-02-10 17:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0179",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-24T03:55:34.950478Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T19:08:51.506Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI  1.0.0.C"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.0.2b"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.1.0.3b"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.0.0.a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI  1.0.0.C"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.0.2b"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.1.0.3b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3  1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6  1.1.0.0h"
                },
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6  1.0.0.1j"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.1.2a"
                },
                {
                  "status": "unaffected",
                  "version": "PollockPI-FT5 1.0.0.8a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.1.2a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.1.2a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.1.2a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.Ea"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.1.1a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6 1.0.0.7a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7  1.0.0.Ba"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7  1.0.0.Ba"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7 1.1.8.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7 1.1.8.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "DragonRangeFL1PI 1.0.0.3f"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI_FP7R2 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 8000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPhoenixPI-FP7r2_1.2.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122Embedded R2000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "EmbeddedR2KPIFP5 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedAM5PI 1.0.0.3"
                }
              ]
            }
          ],
          "datePublic": "2025-02-10T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow locally authenticated attackers to overwrite SMRAM, potentially resulting in arbitrary code execution."
                }
              ],
              "value": "SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow locally authenticated attackers to overwrite SMRAM, potentially resulting in arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-27T21:51:56.190Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7027.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2024-0179",
        "datePublished": "2025-02-11T20:52:24.110Z",
        "dateReserved": "2023-12-27T16:06:35.776Z",
        "dateUpdated": "2026-02-26T19:08:51.506Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-21981 (GCVE-0-2024-21981)

    Vulnerability from nvd – Published: 2024-08-13 16:54 – Updated: 2024-08-15 18:09
    VLAI
    Summary
    Improper key usage control in AMD Secure Processor (ASP) may allow an attacker with local access who has gained arbitrary code execution privilege in ASP to extract ASP cryptographic keys, potentially resulting in loss of confidentiality and integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-639 - Authorization Bypass Through User-Controlled Key
    Assigner
    AMD
    References
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7001 Series Processors Affected: various (PI)
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX Processors Affected: various
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Affected: various
    Create a notification for this product.
    amd athlon Affected: 0 , < * (custom)
        cpe:2.3:h:amd:athlon:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen Affected: 0 , < * (custom)
        cpe:2.3:h:amd:ryzen:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd epyc Affected: 0 , < * (custom)
        cpe:2.3:h:amd:epyc:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:amd:athlon:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "athlon",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:epyc:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "epyc",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-21981",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-15T17:56:59.454756Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-639",
                    "description": "CWE-639 Authorization Bypass Through User-Controlled Key",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-15T18:09:24.358Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "packageName": "PI",
              "product": "AMD EPYC\u2122 7001 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper key usage control in AMD Secure Processor\n(ASP) may allow an attacker with local access \u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003ewho has gained arbitrary code\nexecution privilege in ASP\u0026nbsp;\u003c/a\u003eto\nextract ASP cryptographic keys, potentially resulting in loss of\nconfidentiality and integrity.\n\n\u003cdiv\u003e\n\n\n\n\n\n\u003cdiv\u003e\n\n\u003cdiv\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\n\n\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "Improper key usage control in AMD Secure Processor\n(ASP) may allow an attacker with local access who has gained arbitrary code\nexecution privilege in ASP\u00a0to\nextract ASP cryptographic keys, potentially resulting in loss of\nconfidentiality and integrity."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:54:58.122Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2024-21981",
        "datePublished": "2024-08-13T16:54:58.122Z",
        "dateReserved": "2024-01-03T16:43:30.197Z",
        "dateUpdated": "2024-08-15T18:09:24.358Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20518 (GCVE-0-2023-20518)

    Vulnerability from nvd – Published: 2024-08-13 16:52 – Updated: 2024-11-05 17:10
    VLAI
    Summary
    Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 9004 Series Processors Unaffected: GenoaPI 1.0.0.4 (PI)
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4V1 1.0.0.A
    Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5 1.0.0.6
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4V2 1.2.0.A
    Unaffected: ComboAM4V1 1.0.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.6
    Unaffected: CastlePeakWSPI-sWRX8 1.0.0.B
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.6
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.F
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PollockPI-FT5 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.4
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.3
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Unaffected: EmbeddedAM5PI 1.0.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2 1.0.0.5
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20518",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-15T14:20:09.090291Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-459",
                    "description": "CWE-459 Incomplete Cleanup",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-05T17:10:30.170Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI 1.0.0.4",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V1 1.0.0.A"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4V1 1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3  1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8  1.0.0.6"
                },
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8  1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5  1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PollockPI-FT5   1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5  1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6  1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6 1.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5  1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedAM5PI  1.0.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2 1.0.0.5"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 1.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:52:55.976Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5002.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20518",
        "datePublished": "2024-08-13T16:52:55.976Z",
        "dateReserved": "2022-10-27T18:53:39.736Z",
        "dateUpdated": "2024-11-05T17:10:30.170Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-23817 (GCVE-0-2022-23817)

    Vulnerability from nvd – Published: 2024-08-13 16:51 – Updated: 2026-05-15 03:03
    VLAI
    Summary
    Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.5
    Unaffected: CastlePeakWSPI-sWRX8 1.0.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4v2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4V1 1.0.0.A
    Unaffected: ComboAM4V2 1.2.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 2000 Mobile Processors Unaffected: ComboAM4v2 PI 1.2.0.8
    Unaffected: ComboAM4PI 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors Unaffected: ComboAM4v2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7_1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge") Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Picasso") Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processor Unaffected: EmbeddedPI-FP6_1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2_1002
    Create a notification for this product.
    AMD AMD Radeon™ RX 5000 Series Graphics Products Unaffected: AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)
    Create a notification for this product.
    AMD AMD Radeon™ PRO W5000 Series Graphics Products Unaffected: AMD Software: PRO Edition 22.Q2 (22.10.20)
    Create a notification for this product.
    AMD AMD Radeon™ RX 6000 Series Graphics Products Unaffected: AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)
    Create a notification for this product.
    AMD AMD Radeon™ PRO W6000 Series Graphics Products Unaffected: AMD Software: PRO Edition 22.Q2 (22.10.20)
    Create a notification for this product.
    AMD MI-25 / 50 Unaffected: No fix planned
    Create a notification for this product.
    AMD MI-100 Unaffected: ROCm 6.4.2
    Create a notification for this product.
    AMD AMD Instinct™ MI250 Unaffected: ROCm 7.0
    Create a notification for this product.
    AMD AMD Instinct™ MI210 Unaffected: ROCm 7.0
    Create a notification for this product.
    amd ryzen_3_3300x_firmware Unaffected: 0 , < comboam4v2_1.2.0.a (custom)
        cpe:2.3:o:amd:ryzen_9_3900_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_3900x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_3900xt_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_3950x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3700x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3800x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3800xt_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3500_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3500x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3600_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3600x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3600xt_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3100_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3300x_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_3300u_firmware Unaffected: 0 , < picassopi-fp5_1.0.0.e (custom)
        cpe:2.3:o:amd:ryzen_7_3700c_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3700u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3750h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3780u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3450u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3500c_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3500u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3550h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3580u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3350u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3300u_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_pro_3200g_firmware Unaffected: 0 , < comboam4v2_pi_1.2.0.8 (custom)
        cpe:2.3:o:amd:ryzen_7_4700g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4700ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4600ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4600g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_4300ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_4300g_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_5_7500f_firmware Unaffected: 0 , < comboam5_1.0.8.0 (custom)
        cpe:2.3:o:amd:ryzen_5_7500f_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_threadripper_pro_3995wx_firmware Unaffected: 0 , < castlepeakpi-sp3r3_1.0.0.8 (custom)
        cpe:2.3:o:amd:ryzen_threadripper_3960x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_3970x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_3990x_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_threadripper_pro_3995wx_firmware Unaffected: 0 , < castlepeakwspi-swrx8_1.0.0.a (custom)
        cpe:2.3:o:amd:ryzen_threadripper_pro_3945wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_3955wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_3975wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_3995wx_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_threadripper_pro_5995wx_firmware Unaffected: 0 , < chagallwspi-swrx8_1.0.0.5 (custom)
        cpe:2.3:o:amd:ryzen_threadripper_pro_5945wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_5955wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_5965wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_5975wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_5995wx_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_4300u_firmware Unaffected: 0 , < renoirpi-fp6_1.0.0.a (custom)
        cpe:2.3:o:amd:ryzen_9_4900h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_4900hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4700u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4800h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4800hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4800u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4980u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4500u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4600h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4600hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4600u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4680u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_4300u_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_5_6600u_firmware Unaffected: 0 , < rembrandtpi-fp7_1.0.0.5 (custom)
        cpe:2.3:o:amd:ryzen_9_6900hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_6900hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_6980hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_6980hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_6800h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_6800hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_6800u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_6600h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_6600hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_6600u_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_7335u_firmware Unaffected: 0 , < rembrandtpi-fp7_1.0.0.5 (custom)
        cpe:2.3:o:amd:ryzen_7_7735hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_7735u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_7736u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_7535hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_7535u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_7335u_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_7_7745hx_firmware Unaffected: 0 , < dragonrangefl1pi_1.0.0.3b (custom)
        cpe:2.3:o:amd:ryzen_9_7945hx3d_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_7945hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_7845hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_7745hx_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_5_5600x_firmware Unaffected: 0 , < comboam4v2_pi_1.2.0.8 (custom)
        cpe:2.3:o:amd:ryzen_9_5900_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_5900x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_5950x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5700_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5700x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800x3d_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5500_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600x3d_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600x_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_5300g_firmware Unaffected: 0 , < cezannepi-fp6_1.0.0.c (custom)
        cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_pro_3350ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_pro_3350g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_pro_3400ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_pro_3400g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3200g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_pro_3200ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_pro_3200g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5700ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5700g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5500gt_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600gt_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5300ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_5300g_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_5425c_firmware Unaffected: 0 , < cezannepi-fp6_1.0.0.c (custom)
        cpe:2.3:o:amd:ryzen_9_5900hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_5900hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_5980hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_5980hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5825u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5500h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5560u_firmware:cezannepi-fp6_1.0.0.9:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5625u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_5125c_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_5400u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_5425c_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd athlon_pro_300ge_firmware Unaffected: 0 , < picassopi-fp5_1.0.0.e (custom)
        cpe:2.3:o:amd:athlon_3000g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:athlon_gold_3150ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:athlon_gold_pro_3150ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:athlon_gold_pro_3150g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:athlon_pro_300ge_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2026-05-15 03:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_3900_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_3900x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_3900xt_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_3950x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3700x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3800x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3800xt_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3500_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3500x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3600_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3600x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3600xt_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3100_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3300x_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_3300x_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "comboam4v2_1.2.0.a",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_7_3700c_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3700u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3750h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3780u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3450u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3500c_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3500u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3550h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3580u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3350u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3300u_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_3300u_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "picassopi-fp5_1.0.0.e",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_7_4700g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4700ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4600ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4600g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_4300ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_4300g_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_pro_3200g_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "comboam4v2_pi_1.2.0.8",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_5_7500f_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_5_7500f_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "comboam5_1.0.8.0",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_threadripper_3960x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_3970x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_3990x_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_threadripper_pro_3995wx_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "castlepeakpi-sp3r3_1.0.0.8",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_3945wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_3955wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_3975wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_3995wx_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_threadripper_pro_3995wx_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "castlepeakwspi-swrx8_1.0.0.a",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_5945wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_5955wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_5965wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_5975wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_5995wx_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_threadripper_pro_5995wx_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "chagallwspi-swrx8_1.0.0.5",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_4900h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_4900hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4700u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4800h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4800hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4800u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4980u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4500u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4600h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4600hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4600u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4680u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_4300u_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_4300u_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "renoirpi-fp6_1.0.0.a",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_6900hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_6900hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_6980hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_6980hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_6800h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_6800hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_6800u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_6600h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_6600hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_6600u_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_5_6600u_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "rembrandtpi-fp7_1.0.0.5",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_7_7735hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_7735u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_7736u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_7535hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_7535u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_7335u_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_7335u_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "rembrandtpi-fp7_1.0.0.5",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_7945hx3d_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_7945hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_7845hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_7745hx_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_7_7745hx_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "dragonrangefl1pi_1.0.0.3b",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_5900_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_5900x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_5950x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5700_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5700x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800x3d_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5500_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600x3d_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600x_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_5_5600x_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "comboam4v2_pi_1.2.0.8",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_pro_3350ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_pro_3350g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_pro_3400ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_pro_3400g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3200g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_pro_3200ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_pro_3200g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5700ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5700g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5500gt_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600gt_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5300ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_5300g_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_5300g_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "cezannepi-fp6_1.0.0.c",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_5900hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_5900hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_5980hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_5980hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5825u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5500h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5560u_firmware:cezannepi-fp6_1.0.0.9:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5625u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_5125c_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_5400u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_5425c_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_5425c_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "cezannepi-fp6_1.0.0.c",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:athlon_3000g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:athlon_gold_3150ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:athlon_gold_pro_3150ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:athlon_gold_pro_3150g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:athlon_pro_300ge_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "athlon_pro_300ge_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "picassopi-fp5_1.0.0.e",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-23817",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-13T17:51:43.434721Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-16T20:27:19.545Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.5"
                },
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V1 1.0.0.A"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 2000 Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Picasso\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processor",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6_1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2_1002"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 22.Q2 (22.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 22.Q2 (22.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "MI-25 / 50",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "No fix planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "MI-100",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ROCm 6.4.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Instinct\u2122 MI250",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ROCm 7.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Instinct\u2122 MI210",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ROCm 7.0"
                }
              ]
            }
          ],
          "datePublic": "2026-05-15T03:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation.\u003cbr\u003e"
                }
              ],
              "value": "Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20  Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T03:03:25.036Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5002.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4004.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-1029.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6027.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2022-23817",
        "datePublished": "2024-08-13T16:51:45.468Z",
        "dateReserved": "2022-01-21T17:14:12.302Z",
        "dateUpdated": "2026-05-15T03:03:25.036Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2021-46772 (GCVE-0-2021-46772)

    Vulnerability from nvd – Published: 2024-08-13 16:50 – Updated: 2024-11-05 21:18
    VLAI
    Summary
    Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corruption or denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7002 Series Processors Unaffected: RomePI 1.0.0.E (PI)
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Unaffected: MilanPI 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Affected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.6
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.3
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Unaffected: EmbRomePI-SP3 1.0.0.8
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Unaffected: EmbMilanPI-SP3 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2 1.0.0.4
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-46772",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-15T14:19:27.997821Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              },
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-05T21:18:50.631Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RomePI 1.0.0.E",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6 1.0.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbRomePI-SP3  1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3  1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2 1.0.0.4"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInsufficient input validation in the ABL may allow a privileged\nattacker with access to the BIOS menu or UEFI shell to tamper with the\nstructure headers in SPI ROM causing an out of bounds memory read and write,\npotentially resulting in memory corruption or denial of service.\n\n\n\n\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "Insufficient input validation in the ABL may allow a privileged\nattacker with access to the BIOS menu or UEFI shell to tamper with the\nstructure headers in SPI ROM causing an out of bounds memory read and write,\npotentially resulting in memory corruption or denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 3.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:50:54.016Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4004.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5002.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-46772",
        "datePublished": "2024-08-13T16:50:54.016Z",
        "dateReserved": "2022-03-31T16:50:27.872Z",
        "dateUpdated": "2024-11-05T21:18:50.631Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-46746 (GCVE-0-2021-46746)

    Vulnerability from nvd – Published: 2024-08-13 16:50 – Updated: 2024-10-31 13:57
    VLAI
    Summary
    Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing keys to c006Frrupt the return address, causing a stack-based buffer overrun, potentially leading to a denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    AMD
    References
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7001 Processors Affected: various (PI)
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4PI 1.0.0.9
    Unaffected: ComboAM4 V2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4V2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Affected: ComboAM5 1.0.8.0
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4PI 1.0.0.9
    Unaffected: ComboAM4v2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.2
    Unaffected: CastlePeakWSPI-sWRX8 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.2
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: PollockPI-FT5 1.0.0.4
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors Unaffected: DragonRangeFL1PI 1.0.0.3b
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Unaffected: EmbeddedAM5PI 1.0.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6 1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2 1.0.0.2
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-46746",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-14T16:06:22.367564Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-31T13:57:25.237Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7001 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.9"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4 V2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "ComboAM5 1.0.8.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.9"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3  1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.2"
                },
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "PollockPI-FT5  1.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "DragonRangeFL1PI 1.0.0.3b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5  1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI  1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedAM5PI  1.0.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2 1.0.0.2"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eLack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (\u003ca target=\"_blank\" rel=\"nofollow\"\u003eTEE\u003c/a\u003e) may allow a privileged attacker with access to AMD signing\nkeys to c006Frrupt the return address, causing a\nstack-based buffer overrun, \u003ca target=\"_blank\" rel=\"nofollow\"\u003epotentially\u003c/a\u003e\u0026nbsp;leading to a denial of service.\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing\nkeys to c006Frrupt the return address, causing a\nstack-based buffer overrun, potentially\u00a0leading to a denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:50:51.023Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-46746",
        "datePublished": "2024-08-13T16:50:51.023Z",
        "dateReserved": "2022-03-31T16:50:27.864Z",
        "dateUpdated": "2024-10-31T13:57:25.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-26387 (GCVE-0-2021-26387)

    Vulnerability from nvd – Published: 2024-08-13 16:50 – Updated: 2024-10-30 17:59
    VLAI
    Summary
    Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7001 Series Processors Affected: various (PI)
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4PI 1.0.0.9
    Unaffected: ComboAM4 V2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4 V2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2 PI 1.2.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5 1.0.8.0
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4PI 1.0.0.9
    Unaffected: ComboAM4v2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.2
    Unaffected: CastlePeakWSPI-sWRX8 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.2
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PollockPI-FT5 1.0.0.4
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.9b
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.9b
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.9
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6 1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2 1.0.0.9
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-26387",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-14T15:47:34.441746Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-863",
                    "description": "CWE-863 Incorrect Authorization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-30T17:59:30.394Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "packageName": "PI",
              "product": "AMD EPYC\u2122 7001 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.9"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4 V2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4 V2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5 1.0.8.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.9"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3  1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.2"
                },
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PollockPI-FT5  1.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6  1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6  1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.9b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.9b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI  1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2 1.0.0.9"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInsufficient access controls in ASP kernel may allow a\nprivileged attacker with access to AMD signing keys and the BIOS menu or UEFI\nshell to map DRAM regions in protected \u003ca target=\"_blank\" rel=\"nofollow\"\u003eareas,\u003c/a\u003e\u0026nbsp;potentially leading to a loss of platform integrity.\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "Insufficient access controls in ASP kernel may allow a\nprivileged attacker with access to AMD signing keys and the BIOS menu or UEFI\nshell to map DRAM regions in protected areas,\u00a0potentially leading to a loss of platform integrity."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 3.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:50:22.151Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5002.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-26387",
        "datePublished": "2024-08-13T16:50:22.151Z",
        "dateReserved": "2021-01-29T21:24:26.161Z",
        "dateUpdated": "2024-10-30T17:59:30.394Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-26344 (GCVE-0-2021-26344)

    Vulnerability from nvd – Published: 2024-08-13 16:49 – Updated: 2025-03-18 15:35
    VLAI
    Summary
    An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker with access the ability to modify the BIOS image, and the ability to sign the resulting image, to potentially modify the APCB block resulting in arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    AMD
    References
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7001 Series Processors Affected: various (PI)
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Processors Unaffected: RomePI 1.0.0.C
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Unaffected: MilanPI 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.6
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.3
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Unaffected: EmbRomePI-SP3 1.0.0.6
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Series Processors Affected: Various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Unaffected: EmbMilanPI-SP3 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Affected: v
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Affected: v
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Affected: v
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Affected: v
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Affected: v
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2 1.0.0.4
    Create a notification for this product.
    amd naplespi Affected: 0 , < 1.0.0.k (custom)
        cpe:2.3:h:amd:naplespi:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd romepi Affected: 0 , < 1.0.0.C (custom)
        cpe:2.3:h:amd:romepi:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd milanpi Affected: 0 , < 1.0.0.5 (custom)
        cpe:2.3:h:amd:milanpi:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:amd:naplespi:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "naplespi",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "1.0.0.k",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:romepi:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "romepi",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "1.0.0.C",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:milanpi:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "milanpi",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "1.0.0.5",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-26344",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-13T18:29:11.333464Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-18T15:35:45.232Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7001 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RomePI 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8  1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6 1.0.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbRomePI-SP3  1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "Various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3  1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "v"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "v"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "v"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "v"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "v"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2 1.0.0.4"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn out of bounds memory write when processing the AMD\nPSP1 Configuration Block (APCB) could allow an attacker with access the ability\nto modify the BIOS image, and the ability to sign the resulting image, to\npotentially modify the APCB block resulting in arbitrary code execution.\n\n\n\n\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "An out of bounds memory write when processing the AMD\nPSP1 Configuration Block (APCB) could allow an attacker with access the ability\nto modify the BIOS image, and the ability to sign the resulting image, to\npotentially modify the APCB block resulting in arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:49:52.889Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-26344",
        "datePublished": "2024-08-13T16:49:52.889Z",
        "dateReserved": "2021-01-29T21:24:26.145Z",
        "dateUpdated": "2025-03-18T15:35:45.232Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20572 (GCVE-0-2023-20572)

    Vulnerability from cvelistv5 – Published: 2026-06-26 15:53 – Updated: 2026-06-26 15:59
    VLAI
    Summary
    An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing the input of an arbitrary message, potentially leading to a loss of data integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-208 - Observable timing discrepancy
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: Picasso-FP5 1.0.1.1
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: Pollock-FT5 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: Cezanne-FP6 1.0.1.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile processors with Radeon™ Graphics Unaffected: Cezanne-FP6 1.0.1.0
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: Renoir-FP6 1.0.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: Rembrandt-FP7 1.0.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.6
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.CA
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.CA
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.CA
    Unaffected: ComboAM4PI 1.0.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.CA
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors Unaffected: ComboAM5 1.0.0.7a
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5 1.0.0.7a
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: CastlePeakWSPI-sWRX8 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 7000 Processors Unaffected: StormPeakPI-SP6 1.1.0.0c
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000WX-Series Processors Unaffected: StormPeakPI-SP6 1.0.0.1e
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20572",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-26T15:59:13.642252Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-26T15:59:23.309Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Picasso-FP5  1.0.1.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Pollock-FT5  1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Cezanne-FP6  1.0.1.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Cezanne-FP6  1.0.1.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Renoir-FP6  1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Rembrandt-FP7  1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6  1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI  1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI  1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI  1.2.0.CA"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI  1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI  1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI  1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5  1.0.0.7a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5  1.0.0.7a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3  1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8  1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6  1.1.0.0c"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6  1.0.0.1e"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing the input of an arbitrary message, potentially leading to a loss of data integrity."
                }
              ],
              "value": "An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing the input of an arbitrary message, potentially leading to a loss of data integrity."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-208",
                  "description": "CWE-208 Observable timing discrepancy",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-26T15:53:38.503Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4012.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20572",
        "datePublished": "2026-06-26T15:53:38.503Z",
        "dateReserved": "2022-10-27T18:53:39.755Z",
        "dateUpdated": "2026-06-26T15:59:23.309Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-20540 (GCVE-0-2023-20540)

    Vulnerability from cvelistv5 – Published: 2026-06-26 15:44 – Updated: 2026-06-26 16:00
    VLAI
    Summary
    An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing arbitrary message input, potentially leading to a loss of data integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-208 - Observable timing discrepancy
    Assigner
    AMD
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20540",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-26T16:00:48.333509Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-26T16:00:59.349Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4  1.0.0.E"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI  1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI  1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3  1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8  1.0.0.9"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing arbitrary message input, potentially leading to a loss of data integrity."
                }
              ],
              "value": "An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing arbitrary message input, potentially leading to a loss of data integrity."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 1.8,
                "baseSeverity": "LOW",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-208",
                  "description": "CWE-208 Observable timing discrepancy",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-26T15:44:59.841Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4012.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20540",
        "datePublished": "2026-06-26T15:44:59.841Z",
        "dateReserved": "2022-10-27T18:53:39.742Z",
        "dateUpdated": "2026-06-26T16:00:59.349Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-0045 (GCVE-0-2025-0045)

    Vulnerability from cvelistv5 – Published: 2026-05-15 01:47 – Updated: 2026-05-15 13:35
    VLAI
    Summary
    Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Z1 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 9000HX Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ AI Max 300 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 9000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 9000 WX-Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 9000 Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 7000 Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Z2 Series Processors Extreme Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ AI 300 Series Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 2000 Mobile Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Desktop Processors Unaffected: AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Catalyst™ WHQL certified driver (71251)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: Q2- 2025 AMD Embedded R2000, V2000 Windows® Catalyst™ WHQL certified driver (68914)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge") Unaffected: 25Q3 AMD Emb [R1000 V1000] Win® Catalyst™ WHQL certified driver (71251)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: Q2- 2025 AMD Embedded R2000, V2000 Windows® Catalyst™ WHQL certified driver (68914)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 8000 Series Processors Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 9000 Series Processors Unaffected: Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows® Catalyst™ driver [25.6.1] (68926)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 8004 Series Processors Unaffected: Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9005 Series Processors Unaffected: Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 4005 Series Processors Unaffected: AM5 Windows Chipset Drivers with Digital Signature Fix (64284)
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 4004 Series Processors Unaffected: AM5 Windows Chipset Drivers with Digital Signature Fix (64284)
    Create a notification for this product.
    AMD AMD EPYC™ 4004 Series Processors Unaffected: AMD Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    AMD AMD EPYC™ 4005 Series Processors Unaffected: AMD Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
    Create a notification for this product.
    Date Public
    2026-05-15 01:44
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-0045",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-15T13:35:07.970276Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-15T13:35:15.206Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics\r\nRyzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Z1 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000HX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI Max 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 9000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 9000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Z2 Series Processors Extreme",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI 300 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 2000 Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Ryzen\u2122 Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Catalyst\u2122 WHQL certified driver (71251)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2- 2025 AMD Embedded R2000, V2000 Windows\u00ae Catalyst\u2122 WHQL certified driver (68914)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "25Q3 AMD Emb [R1000 V1000] Win\u00ae Catalyst\u2122 WHQL certified driver (71251)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2- 2025 AMD Embedded R2000, V2000 Windows\u00ae Catalyst\u2122 WHQL certified driver (68914)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 9000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q2 - 2025 AMD Embedded Ryzen[7000 8000 9000] Windows\u00ae Catalyst\u2122 driver [25.6.1] (68926)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Q4 - 2025 AMD Embedded Windows\u00ae Chipset drivers (71816)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 4005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AM5 Windows Chipset Drivers with Digital Signature Fix (64284)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 4004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AM5 Windows Chipset Drivers with Digital Signature Fix (64284)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4005 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0"
                }
              ]
            }
          ],
          "datePublic": "2026-05-15T01:44:38.142Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service\u003cbr\u003e"
                }
              ],
              "value": "Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "CWE-120  Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T01:47:31.317Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3047.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2025-0045",
        "datePublished": "2026-05-15T01:47:31.317Z",
        "dateReserved": "2024-11-21T16:18:13.504Z",
        "dateUpdated": "2026-05-15T13:35:15.206Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2021-26377 (GCVE-0-2021-26377)

    Vulnerability from cvelistv5 – Published: 2025-09-06 15:18 – Updated: 2025-09-08 13:47
    VLAI
    Summary
    Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer overflow, leading to a potential denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: CastlePeakWSPI-sWRX8 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Unaffected: PollockPI-FT5 1.0.0.4
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4PI 1.0.0.9/ ComboAM4 V2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 7030 Series Mobile processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors Unaffected: ComboAM4v2 PI 1.2.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4 V2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7_0.0.8.0 RC1
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5_1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6_1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2_1000
    Create a notification for this product.
    AMD AMD Radeon™ RX 5000 Series Graphics Products Unaffected: AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)
    Unaffected: AMD Software: PRO Edition 24.Q2 (24.10.20)
    Create a notification for this product.
    AMD AMD Radeon™ PRO W5000 Series Graphics Products Unaffected: AMD Software: PRO Edition 24.Q2 (24.10.20)
    Create a notification for this product.
    AMD AMD Radeon™ RX 6000 Series Graphics Products Unaffected: AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)
    Unaffected: AMD Software: PRO Edition 24.Q2 (24.10.20)
    Create a notification for this product.
    AMD AMD Radeon™ PRO W6000 Series Graphics Products Unaffected: AMD Software: PRO Edition 24.Q2 (24.10.20)
    Create a notification for this product.
    AMD AMD Radeon™ Instinct™ MI25 Graphics Products Unaffected: Contact your AMD Customer Engineering representative
    Create a notification for this product.
    AMD AMD Radeon™ PRO V520 Graphics Products Unaffected: Contact your AMD Customer Engineering representative
    Create a notification for this product.
    AMD AMD Radeon™ PRO V620 Graphics Products Unaffected: Contact your AMD Customer Engineering representative
    Create a notification for this product.
    Date Public
    2025-09-06 14:57
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-26377",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-08T13:46:56.766235Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-08T13:47:10.991Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.0.E"
                },
                {
                  "status": "unaffected",
                  "version": "PollockPI-FT5 1.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.9/ ComboAM4 V2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7030 Series Mobile processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4 V2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_0.0.8.0 RC1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5_1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6_1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2_1000"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
                },
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)"
                },
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 24.Q2 (24.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 Instinct\u2122 MI25 Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Contact your AMD Customer Engineering representative"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO V520 Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Contact your AMD Customer Engineering representative"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO V620 Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Contact your AMD Customer Engineering representative"
                }
              ]
            }
          ],
          "datePublic": "2025-09-06T14:57:52.467Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer overflow, leading to a potential denial of service.\r\n\u003cbr\u003e"
                }
              ],
              "value": "Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer overflow, leading to a potential denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 4.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190  Integer Overflow or Wraparound",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-06T15:18:56.502Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4012.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6018.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2021-26377",
        "datePublished": "2025-09-06T15:18:56.502Z",
        "dateReserved": "2021-01-29T21:24:26.157Z",
        "dateUpdated": "2025-09-08T13:47:10.991Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-36348 (GCVE-0-2024-36348)

    Vulnerability from cvelistv5 – Published: 2025-07-08 16:42 – Updated: 2025-11-04 21:08
    VLAI
    Summary
    A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in information leakage.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1420 - Exposure of Sensitive Information during Transient Execution
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7002 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ 8004 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ 4004 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ 9V64H Processor Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Affected: all
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Mobile Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 8004 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9004 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Affected: all
    Create a notification for this product.
    Date Public
    2025-07-08 16:06
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-36348",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-08T19:01:13.256423Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-08T19:01:28.169Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T21:08:38.170Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2025/08/28/2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9V64H Processor",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX- Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            }
          ],
          "datePublic": "2025-07-08T16:06:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in information leakage."
                }
              ],
              "value": "A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in information leakage."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.8,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1420",
                  "description": "CWE-1420  Exposure of Sensitive Information during Transient Execution",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-08T16:42:32.665Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7029.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2024-36348",
        "datePublished": "2025-07-08T16:42:32.665Z",
        "dateReserved": "2024-05-23T19:44:50.000Z",
        "dateUpdated": "2025-11-04T21:08:38.170Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-36349 (GCVE-0-2024-36349)

    Vulnerability from cvelistv5 – Published: 2025-07-08 16:42 – Updated: 2025-07-09 14:00
    VLAI
    Summary
    A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1420 - Exposure of Sensitive Information during Transient Execution
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7002 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ 8004 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ 4004 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ 9V64H Processor Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Affected: all
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Mobile Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 8004 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9004 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Affected: all
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Affected: all
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Affected: all
    Create a notification for this product.
    Date Public
    2025-07-08 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-36349",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-09T14:00:30.310556Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-09T14:00:36.439Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9V64H Processor",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX- Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122  Embedded 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122  Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122  Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122  Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "all"
                }
              ]
            }
          ],
          "datePublic": "2025-07-08T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.\u003cbr\u003e"
                }
              ],
              "value": "A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.8,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1420",
                  "description": "CWE-1420  Exposure of Sensitive Information during Transient Execution",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-08T16:42:17.471Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7029.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2024-36349",
        "datePublished": "2025-07-08T16:42:17.471Z",
        "dateReserved": "2024-05-23T19:44:50.000Z",
        "dateUpdated": "2025-07-09T14:00:36.439Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-36347 (GCVE-0-2024-36347)

    Vulnerability from cvelistv5 – Published: 2025-06-27 22:14 – Updated: 2026-02-26 17:50
    VLAI
    Summary
    Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-347 - Improper Verification of Cryptographic Signature
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7001 Series Unaffected: NaplesPI 1.0.0.P
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Unaffected: RomePI 1.0.0.L
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Unaffected: MilanPI 1.0.0.F
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Series Unaffected: Genoa 1.0.0.E
    Create a notification for this product.
    AMD AMD EPYC™ 4004 Series Unaffected: ComboAM5PI1.0.0.a
    Unaffected: ComboAM5PI1.1.0.3c
    Unaffected: ComboAM5PI1.2.0.3
    Create a notification for this product.
    AMD AMD EPYC™ 9005 Series Unaffected: TurinPI 1.0.0.4
    Create a notification for this product.
    AMD AMD Instinct™ MI300A Unaffected: MI300PI_SR5 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4PI 1.0.0.D
    Unaffected: ComboAM4v2PI 1.2.0.E
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4PI 1.0.0.D
    Unaffected: ComboAM4v2PI 1.2.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5PI 1.0.0.a
    Unaffected: ComboAM5PI 1.1.0.3c
    Unaffected: ComboAM5PI 1.2.0.3
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics Unaffected: ComboAM5PI 1.1.0.3c
    Unaffected: ComboAM5PI 1.2.0.3
    Create a notification for this product.
    AMD AMD Ryzen™ 9000 Series Desktop Processors Unaffected: ComboAM5PI 1.2.0.3c
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors Unaffected: StormPeakPI-SP6 1.0.0.1k
    Unaffected: StormPeakPI-SP6 1.1.0.0i
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.B
    Unaffected: CastlePeakWSPI-sWRX8 1.0.0.g
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.B
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.1.2b
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.1.2b
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.Eb
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.1.1b
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.7b
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.Bb
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.Bb
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.1.1b
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics Unaffected: PhoenixPI-FP8-FP7 1.2.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics Unaffected: PhoenixPI-FP8-FP7 1.2.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7045 Series Mobile Processors Unaffected: DragonRangeFL1 1.0.0.3g
    Create a notification for this product.
    AMD AMD Ryzen™ AI 300 Series Unaffected: StrixKrakenPI-FP8_1.1.0.0b
    Create a notification for this product.
    AMD AMD Ryzen™ AI Max + Unaffected: StrixHaloPI-FP11_1.0.0.1
    Create a notification for this product.
    AMD AMD Ryzen™ 9000HX Series Mobile Processors Unaffected: FireRangeFL1PI 1.0.0.0a
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Unaffected: SnowyOwl PI 1.1.0.E
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Unaffected: EmbRomePI-SP3 1.0.0.D
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Unaffected: EmbMilan PI-SP3 1.0.0.A
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 8004 Unaffected: EmbGenoaPI-SP5 1.0.0.9
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9004 Unaffected: EmbGenoaPI-SP5 1.0.0.9
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 97X4 Unaffected: EmbGenoaPI-SP5 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Unaffected: EmbeddedPI-FP5 1.2.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Unaffected: EmbeddedR2KPI 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Unaffected: EmbAM4PI 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Unaffected: EmbeddedAM5PI 1.0.0.3
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Unaffected: EmbeddedPI-FP5 1.2.0.F
    Create a notification for this product.
    AMD AMD Ryzen™Embedded V2000 Unaffected: EmbeddedPI-FP6 1.0.0.B
    Create a notification for this product.
    AMD AMD Ryzen™Embedded V3000 Unaffected: EmbeddedPI-FP7R2 1.0.0.C
    Create a notification for this product.
    Date Public
    2025-06-27 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-36347",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-01T03:55:55.838463Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:21.428Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7001 Series",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "NaplesPI 1.0.0.P"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RomePI 1.0.0.L"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MilanPI 1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Genoa 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 4004 Series",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI1.0.0.a"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI1.1.0.3c"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI1.2.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9005 Series",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "TurinPI 1.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Instinct\u2122 MI300A",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MI300PI_SR5 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.D"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.D"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.0.0.a"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.1.0.3c"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.1.0.3c"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.0.3c"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6 1.0.0.1k"
                },
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6 1.1.0.0i"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.B"
                },
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.g"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX- Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.1.2b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.1.2b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.Eb"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.1.1b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6 1.0.0.7b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.Bb"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.Bb"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.1.1b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7 1.2.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7 1.2.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7045 Series Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "DragonRangeFL1 1.0.0.3g"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI 300 Series",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StrixKrakenPI-FP8_1.1.0.0b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 AI Max +",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StrixHaloPI-FP11_1.0.0.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 9000HX Series Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "FireRangeFL1PI 1.0.0.0a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 3000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "SnowyOwl PI 1.1.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbRomePI-SP3 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilan PI-SP3 1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 8004",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5  1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 9004",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 97X4",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI-SP5 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5  1.2.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI  1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI  1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedAM5PI  1.0.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122Embedded V2000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122Embedded V3000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7R2 1.0.0.C"
                }
              ]
            }
          ],
          "datePublic": "2025-06-27T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment.\u003cbr\u003e"
                }
              ],
              "value": "Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-347",
                  "description": "CWE-347 Improper Verification of Cryptographic Signature",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-27T22:14:01.944Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7033.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2024-36347",
        "datePublished": "2025-06-27T22:14:01.944Z",
        "dateReserved": "2024-05-23T19:44:47.201Z",
        "dateUpdated": "2026-02-26T17:50:21.428Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-20515 (GCVE-0-2023-20515)

    Vulnerability from cvelistv5 – Published: 2025-02-11 21:16 – Updated: 2025-02-12 15:35
    VLAI
    Summary
    Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1284 - Improper Validation of Specified Quantity in Input
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.CA
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.CA
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.CA
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5 1.0.8.0
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.CA
    Unaffected: ComboAM4PI 1.0.0.B
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.CA
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics Unaffected: ComboAM5 1.0.8.0
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: CastlePeakWSPI-sWRX8 1.0.0.E
    Unaffected: ChagallWSPI-sWRX8 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.7
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: Pollock-FT5 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Unaffected: Picasso-FP5 1.0.1.1
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: Cezanne-FP6 1.0.1.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.6
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.9b
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.9b
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics Unaffected: PhoenixPI-FP8-FP7 1.0.8.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Mobile Processors Unaffected: DragonRangeFL1PI 1.0.0.3b
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Unaffected: EmbeddedPI-FP5 1.2.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Unaffected: EmbeddedR2KPI-FP5 1.0.0.3
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Unaffected: EmbAM4PI 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Unaffected: EmbeddedAM5PI 1.0.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Unaffected: EmbeddedPI-FP6 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Affected: No Fix Planned
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Unaffected: Embedded-PIFP7r2 1.0.0.8
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20515",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-12T14:03:56.637259Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-12T15:35:01.957Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5 1.0.8.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.CA"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.CA"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5 1.0.8.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8  1.0.0.E"
                },
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX- Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Pollock-FT5 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Picasso-FP5 1.0.1.1"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Cezanne-FP6 1.0.1.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.9b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.9b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7 1.0.8.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "DragonRangeFL1PI 1.0.0.3b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1.0.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedAM5PI 1.0.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "No Fix Planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Embedded-PIFP7r2 1.0.0.8"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability."
                }
              ],
              "value": "Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1284",
                  "description": "CWE-1284 Improper Validation of Specified Quantity in Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-11T21:16:29.016Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20515",
        "datePublished": "2025-02-11T21:16:29.016Z",
        "dateReserved": "2022-10-27T18:53:39.736Z",
        "dateUpdated": "2025-02-12T15:35:01.957Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-0179 (GCVE-0-2024-0179)

    Vulnerability from cvelistv5 – Published: 2025-02-11 20:52 – Updated: 2026-02-26 19:08
    VLAI
    Summary
    SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow locally authenticated attackers to overwrite SMRAM, potentially resulting in arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4PI 1.0.0.C
    Unaffected: ComboAM4v2PI 1.2.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5PI 1.2.0.2b
    Unaffected: ComboAM5PI 1.1.0.3b
    Unaffected: ComboAM5PI 1.0.0.a
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4PI 1.0.0.C
    Unaffected: ComboAM4v2PI 1.2.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics Unaffected: ComboAM5PI 1.2.0.2b
    Unaffected: ComboAM5PI 1.1.0.3b
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: CastlePeakWSPI-sWRX8 1.0.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors Unaffected: StormPeakPI-SP6 1.1.0.0h
    Unaffected: StormPeakPI-SP6 1.0.0.1j
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.1.2a
    Unaffected: PollockPI-FT5 1.0.0.8a
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.1.2a
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.1.2a
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.Ea
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.1.1a
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.7a
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.Ba
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.Ba
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics Unaffected: PhoenixPI-FP8-FP7 1.1.8.0
    Create a notification for this product.
    AMD AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics Unaffected: PhoenixPI-FP8-FP7 1.1.8.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Mobile Processors Unaffected: DragonRangeFL1PI 1.0.0.3f
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Unaffected: EmbeddedPI-FP6 1.0.0.B
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Unaffected: EmbeddedPI_FP7R2 1.0.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 8000 Unaffected: EmbeddedPhoenixPI-FP7r2_1.2.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Unaffected: EmbeddedPI-FP5 1.2.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Unaffected: EmbeddedPI-FP5 1.2.0.F
    Create a notification for this product.
    AMD AMD Ryzen™Embedded R2000 Affected: EmbeddedR2KPIFP5 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Unaffected: EmbAM4PI 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Unaffected: EmbeddedAM5PI 1.0.0.3
    Create a notification for this product.
    Date Public
    2025-02-10 17:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0179",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-24T03:55:34.950478Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T19:08:51.506Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI  1.0.0.C"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.0.2b"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.1.0.3b"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.0.0.a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI  1.0.0.C"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.0.2b"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.1.0.3b"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3  1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6  1.1.0.0h"
                },
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6  1.0.0.1j"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.1.2a"
                },
                {
                  "status": "unaffected",
                  "version": "PollockPI-FT5 1.0.0.8a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.1.2a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.1.2a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.1.2a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.Ea"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.1.1a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6 1.0.0.7a"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7  1.0.0.Ba"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7  1.0.0.Ba"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7 1.1.8.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7 1.1.8.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "DragonRangeFL1PI 1.0.0.3f"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI_FP7R2 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 8000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPhoenixPI-FP7r2_1.2.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122Embedded R2000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "EmbeddedR2KPIFP5 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedAM5PI 1.0.0.3"
                }
              ]
            }
          ],
          "datePublic": "2025-02-10T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow locally authenticated attackers to overwrite SMRAM, potentially resulting in arbitrary code execution."
                }
              ],
              "value": "SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow locally authenticated attackers to overwrite SMRAM, potentially resulting in arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-27T21:51:56.190Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7027.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2024-0179",
        "datePublished": "2025-02-11T20:52:24.110Z",
        "dateReserved": "2023-12-27T16:06:35.776Z",
        "dateUpdated": "2026-02-26T19:08:51.506Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-21925 (GCVE-0-2024-21925)

    Vulnerability from cvelistv5 – Published: 2025-02-11 20:39 – Updated: 2025-06-27 21:55
    VLAI
    Summary
    Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7001 Processors Unaffected: Naples PI 1.0.0.N
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Processors Unaffected: Rome PI 1.0.0.K
    Create a notification for this product.
    AMD AMD EPYC™ 9004 Processors Unaffected: Genoa PI 1.0.0.D
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Processors Unaffected: Milan PI 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4PI 1.0.0.C
    Unaffected: ComboAM4v2PI 1.2.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5PI 1.2.0.2b
    Unaffected: ComboAM5PI 1.1.0.3b
    Unaffected: ComboAM5PI 1.0.0.a
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4PI 1.0.0.C
    Unaffected: ComboAM4v2PI 1.2.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics Unaffected: ComboAM5PI 1.2.0.2b
    Unaffected: ComboAM5PI 1.1.0.3b
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.D
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: CastlePeakWSPI-sWRX8 1.0.0.F
    Unaffected: ChagallWSPI-sWRX8 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors Unaffected: StormPeakPI-SP6 1.1.0.0h
    Unaffected: StormPeakPI-SP6 1.0.0.1j
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.1.2a
    Unaffected: PollockPI-FT5 1.0.0.8a
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.1.2a
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.Ea
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.1.1a
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.7a
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.Ba
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.Ba
    Create a notification for this product.
    AMD AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics Unaffected: PhoenixPI-FP8-FP7 1.1.8.0
    Create a notification for this product.
    AMD AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics Unaffected: PhoenixPI-FP8-FP7 1.1.8.0
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Mobile Processors Unaffected: DragonRangeFL1PI 1.0.0.3f
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Unaffected: SnowyOwlPI 1.1.0.E
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Unaffected: EmbRomePI-SP3 1.0.0.D
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Unaffected: EmbMilanPI-SP3 1.0.0.A
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 9004 Unaffected: EmbGenoaPI 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Unaffected: EmbAM4PI 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Unaffected: EmbeddedV2KAPI-FP6 1.0.0.7
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Unaffected: EmbeddedPI-FP6 1.0.0.B
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Unaffected: EmbeddedPI_FP7R2 1.0.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 8000 Unaffected: EmbeddedPhoenixPI-FP7r2_1.2.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Unaffected: EmbeddedPI-FP5 1.2.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Unaffected: EmbeddedR2KPIFP5 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Unaffected: EmbeddedPI-FP5 1.2.0.F
    Create a notification for this product.
    Date Public
    2025-02-11 17:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-21925",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-11T21:01:07.683566Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-12T15:35:34.994Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "AMD EPYC\u2122 7001 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Naples PI 1.0.0.N"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD EPYC\u2122 7002 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Rome PI 1.0.0.K"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD EPYC\u2122 9004 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Genoa PI 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD EPYC\u2122 7003 Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "Milan PI 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI  1.0.0.C"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.0.2b"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.1.0.3b"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.0.0.a"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI  1.0.0.C"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2PI 1.2.0.D"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.2.0.2b"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM5PI 1.1.0.3b"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3  1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.F"
                },
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX- Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6  1.1.0.0h"
                },
                {
                  "status": "unaffected",
                  "version": "StormPeakPI-SP6  1.0.0.1j"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.1.2a"
                },
                {
                  "status": "unaffected",
                  "version": "PollockPI-FT5 1.0.0.8a"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.1.2a"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.Ea"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.1.1a"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6 1.0.0.7a"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7  1.0.0.Ba"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7  1.0.0.Ba"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7 1.1.8.0"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PhoenixPI-FP8-FP7 1.1.8.0"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 7000 Series Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "DragonRangeFL1PI 1.0.0.3f"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD EPYC\u2122 Embedded 3000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "SnowyOwlPI 1.1.0.E"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD EPYC\u2122 Embedded 7002",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbRomePI-SP3 1.0.0.D"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD EPYC\u2122 Embedded 7003",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbMilanPI-SP3 1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD EPYC\u2122 Embedded 9004",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbGenoaPI 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 Embedded 5000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 Embedded 7000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedV2KAPI-FP6 1.0.0.7"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 Embedded V2000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6 1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 Embedded V3000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI_FP7R2 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "AMD Ryzen\u2122 Embedded 8000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPhoenixPI-FP7r2_1.2.0.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPIFP5 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5 1.2.0.F"
                }
              ]
            }
          ],
          "datePublic": "2025-02-11T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution."
                }
              ],
              "value": "Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-27T21:55:43.707Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7027.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2024-21925",
        "datePublished": "2025-02-11T20:39:03.746Z",
        "dateReserved": "2024-01-03T16:43:09.232Z",
        "dateUpdated": "2025-06-27T21:55:43.707Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-21981 (GCVE-0-2024-21981)

    Vulnerability from cvelistv5 – Published: 2024-08-13 16:54 – Updated: 2024-08-15 18:09
    VLAI
    Summary
    Improper key usage control in AMD Secure Processor (ASP) may allow an attacker with local access who has gained arbitrary code execution privilege in ASP to extract ASP cryptographic keys, potentially resulting in loss of confidentiality and integrity.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-639 - Authorization Bypass Through User-Controlled Key
    Assigner
    AMD
    References
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 7001 Series Processors Affected: various (PI)
    Create a notification for this product.
    AMD AMD EPYC™ 7002 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ 7003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX Processors Affected: various
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 3000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7002 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD EPYC™ Embedded 7003 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Affected: various
    Create a notification for this product.
    amd athlon Affected: 0 , < * (custom)
        cpe:2.3:h:amd:athlon:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen Affected: 0 , < * (custom)
        cpe:2.3:h:amd:ryzen:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd epyc Affected: 0 , < * (custom)
        cpe:2.3:h:amd:epyc:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:amd:athlon:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "athlon",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:ryzen:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ryzen",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:amd:epyc:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "epyc",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-21981",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-15T17:56:59.454756Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-639",
                    "description": "CWE-639 Authorization Bypass Through User-Controlled Key",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-15T18:09:24.358Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "packageName": "PI",
              "product": "AMD EPYC\u2122 7001 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper key usage control in AMD Secure Processor\n(ASP) may allow an attacker with local access \u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003ewho has gained arbitrary code\nexecution privilege in ASP\u0026nbsp;\u003c/a\u003eto\nextract ASP cryptographic keys, potentially resulting in loss of\nconfidentiality and integrity.\n\n\u003cdiv\u003e\n\n\n\n\n\n\u003cdiv\u003e\n\n\u003cdiv\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\n\n\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "Improper key usage control in AMD Secure Processor\n(ASP) may allow an attacker with local access who has gained arbitrary code\nexecution privilege in ASP\u00a0to\nextract ASP cryptographic keys, potentially resulting in loss of\nconfidentiality and integrity."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:54:58.122Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2024-21981",
        "datePublished": "2024-08-13T16:54:58.122Z",
        "dateReserved": "2024-01-03T16:43:30.197Z",
        "dateUpdated": "2024-08-15T18:09:24.358Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20518 (GCVE-0-2023-20518)

    Vulnerability from cvelistv5 – Published: 2024-08-13 16:52 – Updated: 2024-11-05 17:10
    VLAI
    Summary
    Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD EPYC™ 9004 Series Processors Unaffected: GenoaPI 1.0.0.4 (PI)
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4V1 1.0.0.A
    Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5 1.0.0.6
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4V2 1.2.0.A
    Unaffected: ComboAM4V1 1.0.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4V2 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.6
    Unaffected: CastlePeakWSPI-sWRX8 1.0.0.B
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000WX Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.6
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.F
    Create a notification for this product.
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PollockPI-FT5 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.F
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.4
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5 1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.3
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 7000 Series Processors Unaffected: EmbeddedAM5PI 1.0.0.0
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors Affected: various
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processors Unaffected: EmbeddedPI-FP6 1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2 1.0.0.5
    Create a notification for this product.
    Date Public
    2024-08-13 16:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20518",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-15T14:20:09.090291Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-459",
                    "description": "CWE-459 Incomplete Cleanup",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-05T17:10:30.170Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD EPYC\u2122 9004 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "GenoaPI 1.0.0.4",
                  "versionType": "PI"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V1 1.0.0.A"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM5 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4V1 1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CastlePeakPI-SP3r3  1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8  1.0.0.6"
                },
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8  1.0.0.B"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000WX Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5  1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile  Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PollockPI-FT5   1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processor with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5  1.0.0.F"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6  1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6  1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "MendocinoPI-FT6 1.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5  1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.3"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedAM5PI  1.0.0.0"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "affected",
                  "version": "various"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6 1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2 1.0.0.5"
                }
              ]
            }
          ],
          "datePublic": "2024-08-13T16:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\n\n\n\n\u003c/span\u003e"
                }
              ],
              "value": "Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 1.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-13T16:52:55.976Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5002.html"
            }
          ],
          "source": {
            "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2023-20518",
        "datePublished": "2024-08-13T16:52:55.976Z",
        "dateReserved": "2022-10-27T18:53:39.736Z",
        "dateUpdated": "2024-11-05T17:10:30.170Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-23817 (GCVE-0-2022-23817)

    Vulnerability from cvelistv5 – Published: 2024-08-13 16:51 – Updated: 2026-05-15 03:03
    VLAI
    Summary
    Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    AMD
    Impacted products
    Vendor Product Version
    AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.5
    Unaffected: CastlePeakWSPI-sWRX8 1.0.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4v2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: RenoirPI-FP6 1.0.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: PicassoPI-FP5 1.0.0.E
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics Unaffected: CezannePI-FP6 1.0.0.C
    Create a notification for this product.
    AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4V1 1.0.0.A
    Unaffected: ComboAM4V2 1.2.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 2000 Mobile Processors Unaffected: ComboAM4v2 PI 1.2.0.8
    Unaffected: ComboAM4PI 1.0.0.9
    Create a notification for this product.
    AMD AMD Ryzen™ 4000 Series Desktop Processors Unaffected: ComboAM4v2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2 PI 1.2.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: RembrandtPI-FP7_1.0.0.5
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R1000 Series Processors Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded R2000 Series Processors Unaffected: EmbeddedR2KPI-FP5 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded 5000 Series Processors Unaffected: EmbAM4PI 1.0.0.2
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge") Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Picasso") Unaffected: EmbeddedPI-FP5_1.2.0.A
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V2000 Series Processor Unaffected: EmbeddedPI-FP6_1.0.0.8
    Create a notification for this product.
    AMD AMD Ryzen™ Embedded V3000 Series Processors Unaffected: EmbeddedPI-FP7r2_1002
    Create a notification for this product.
    AMD AMD Radeon™ RX 5000 Series Graphics Products Unaffected: AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)
    Create a notification for this product.
    AMD AMD Radeon™ PRO W5000 Series Graphics Products Unaffected: AMD Software: PRO Edition 22.Q2 (22.10.20)
    Create a notification for this product.
    AMD AMD Radeon™ RX 6000 Series Graphics Products Unaffected: AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)
    Create a notification for this product.
    AMD AMD Radeon™ PRO W6000 Series Graphics Products Unaffected: AMD Software: PRO Edition 22.Q2 (22.10.20)
    Create a notification for this product.
    AMD MI-25 / 50 Unaffected: No fix planned
    Create a notification for this product.
    AMD MI-100 Unaffected: ROCm 6.4.2
    Create a notification for this product.
    AMD AMD Instinct™ MI250 Unaffected: ROCm 7.0
    Create a notification for this product.
    AMD AMD Instinct™ MI210 Unaffected: ROCm 7.0
    Create a notification for this product.
    amd ryzen_3_3300x_firmware Unaffected: 0 , < comboam4v2_1.2.0.a (custom)
        cpe:2.3:o:amd:ryzen_9_3900_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_3900x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_3900xt_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_3950x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3700x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3800x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3800xt_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3500_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3500x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3600_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3600x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3600xt_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3100_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3300x_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_3300u_firmware Unaffected: 0 , < picassopi-fp5_1.0.0.e (custom)
        cpe:2.3:o:amd:ryzen_7_3700c_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3700u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3750h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_3780u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3450u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3500c_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3500u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3550h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3580u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3350u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3300u_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_pro_3200g_firmware Unaffected: 0 , < comboam4v2_pi_1.2.0.8 (custom)
        cpe:2.3:o:amd:ryzen_7_4700g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4700ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4600ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4600g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_4300ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_4300g_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_5_7500f_firmware Unaffected: 0 , < comboam5_1.0.8.0 (custom)
        cpe:2.3:o:amd:ryzen_5_7500f_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_threadripper_pro_3995wx_firmware Unaffected: 0 , < castlepeakpi-sp3r3_1.0.0.8 (custom)
        cpe:2.3:o:amd:ryzen_threadripper_3960x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_3970x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_3990x_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_threadripper_pro_3995wx_firmware Unaffected: 0 , < castlepeakwspi-swrx8_1.0.0.a (custom)
        cpe:2.3:o:amd:ryzen_threadripper_pro_3945wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_3955wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_3975wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_3995wx_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_threadripper_pro_5995wx_firmware Unaffected: 0 , < chagallwspi-swrx8_1.0.0.5 (custom)
        cpe:2.3:o:amd:ryzen_threadripper_pro_5945wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_5955wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_5965wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_5975wx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_threadripper_pro_5995wx_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_4300u_firmware Unaffected: 0 , < renoirpi-fp6_1.0.0.a (custom)
        cpe:2.3:o:amd:ryzen_9_4900h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_4900hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4700u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4800h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4800hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4800u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_4980u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4500u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4600h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4600hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4600u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_4680u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_4300u_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_5_6600u_firmware Unaffected: 0 , < rembrandtpi-fp7_1.0.0.5 (custom)
        cpe:2.3:o:amd:ryzen_9_6900hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_6900hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_6980hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_6980hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_6800h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_6800hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_6800u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_6600h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_6600hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_6600u_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_7335u_firmware Unaffected: 0 , < rembrandtpi-fp7_1.0.0.5 (custom)
        cpe:2.3:o:amd:ryzen_7_7735hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_7735u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_7736u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_7535hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_7535u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_7335u_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_7_7745hx_firmware Unaffected: 0 , < dragonrangefl1pi_1.0.0.3b (custom)
        cpe:2.3:o:amd:ryzen_9_7945hx3d_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_7945hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_7845hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_7745hx_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_5_5600x_firmware Unaffected: 0 , < comboam4v2_pi_1.2.0.8 (custom)
        cpe:2.3:o:amd:ryzen_9_5900_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_5900x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_5950x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5700_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5700x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800x3d_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800x_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5500_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600x3d_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600x_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_5300g_firmware Unaffected: 0 , < cezannepi-fp6_1.0.0.c (custom)
        cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_pro_3350ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_pro_3350g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_pro_3400ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_pro_3400g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_3200g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_pro_3200ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_pro_3200g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5700ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5700g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5500gt_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600gt_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5300ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_5300g_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd ryzen_3_5425c_firmware Unaffected: 0 , < cezannepi-fp6_1.0.0.c (custom)
        cpe:2.3:o:amd:ryzen_9_5900hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_5900hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_5980hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_9_5980hx_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5800u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_7_5825u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5500h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5560u_firmware:cezannepi-fp6_1.0.0.9:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600h_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600hs_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5600u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_5_5625u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_5125c_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_5400u_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:ryzen_3_5425c_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    amd athlon_pro_300ge_firmware Unaffected: 0 , < picassopi-fp5_1.0.0.e (custom)
        cpe:2.3:o:amd:athlon_3000g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:athlon_gold_3150ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:athlon_gold_pro_3150ge_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:athlon_gold_pro_3150g_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:amd:athlon_pro_300ge_firmware:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2026-05-15 03:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_3900_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_3900x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_3900xt_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_3950x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3700x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3800x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3800xt_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3500_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3500x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3600_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3600x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3600xt_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3100_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3300x_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_3300x_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "comboam4v2_1.2.0.a",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_7_3700c_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3700u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3750h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_3780u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3450u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3500c_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3500u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3550h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3580u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3350u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3300u_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_3300u_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "picassopi-fp5_1.0.0.e",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_7_4700g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4700ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4600ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4600g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_4300ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_4300g_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_pro_3200g_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "comboam4v2_pi_1.2.0.8",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_5_7500f_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_5_7500f_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "comboam5_1.0.8.0",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_threadripper_3960x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_3970x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_3990x_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_threadripper_pro_3995wx_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "castlepeakpi-sp3r3_1.0.0.8",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_3945wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_3955wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_3975wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_3995wx_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_threadripper_pro_3995wx_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "castlepeakwspi-swrx8_1.0.0.a",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_5945wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_5955wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_5965wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_5975wx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_threadripper_pro_5995wx_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_threadripper_pro_5995wx_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "chagallwspi-swrx8_1.0.0.5",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_4900h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_4900hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4700u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4800h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4800hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4800u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_4980u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4500u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4600h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4600hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4600u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_4680u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_4300u_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_4300u_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "renoirpi-fp6_1.0.0.a",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_6900hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_6900hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_6980hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_6980hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_6800h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_6800hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_6800u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_6600h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_6600hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_6600u_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_5_6600u_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "rembrandtpi-fp7_1.0.0.5",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_7_7735hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_7735u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_7736u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_7535hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_7535u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_7335u_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_7335u_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "rembrandtpi-fp7_1.0.0.5",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_7945hx3d_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_7945hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_7845hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_7745hx_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_7_7745hx_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "dragonrangefl1pi_1.0.0.3b",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_5900_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_5900x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_5950x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5700_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5700x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800x3d_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800x_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5500_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600x3d_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600x_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_5_5600x_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "comboam4v2_pi_1.2.0.8",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_pro_3350ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_pro_3350g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_pro_3400ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_pro_3400g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_3200g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_pro_3200ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_pro_3200g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5700ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5700g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5500gt_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600gt_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5300ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_5300g_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_5300g_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "cezannepi-fp6_1.0.0.c",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:ryzen_9_5900hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_5900hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_5980hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_9_5980hx_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5800u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_7_5825u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5500h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5560u_firmware:cezannepi-fp6_1.0.0.9:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600h_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600hs_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5600u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_5_5625u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_5125c_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_5400u_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:ryzen_3_5425c_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "ryzen_3_5425c_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "cezannepi-fp6_1.0.0.c",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:amd:athlon_3000g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:athlon_gold_3150ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:athlon_gold_pro_3150ge_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:athlon_gold_pro_3150g_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:amd:athlon_pro_300ge_firmware:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "athlon_pro_300ge_firmware",
                "vendor": "amd",
                "versions": [
                  {
                    "lessThan": "picassopi-fp5_1.0.0.e",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-23817",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-13T17:51:43.434721Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-16T20:27:19.545Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.5"
                },
                {
                  "status": "unaffected",
                  "version": "CastlePeakWSPI-sWRX8 1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ChagallWSPI-sWRX8 1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RenoirPI-FP6 1.0.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "PicassoPI-FP5 1.0.0.E"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "CezannePI-FP6 1.0.0.C"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4V1 1.0.0.A"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4V2 1.2.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 2000 Mobile Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                },
                {
                  "status": "unaffected",
                  "version": "ComboAM4PI 1.0.0.9"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ComboAM4v2 PI 1.2.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "RembrandtPI-FP7_1.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedR2KPI-FP5 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbAM4PI 1.0.0.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Picasso\")",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP5_1.2.0.A"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V2000 Series Processor",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP6_1.0.0.8"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "EmbeddedPI-FP7r2_1002"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 RX 5000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO W5000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 22.Q2 (22.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 RX 6000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: Adrenalin Edition 22.5.2 (22.10.17.01)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Radeon\u2122 PRO W6000 Series Graphics Products",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "AMD Software: PRO Edition 22.Q2 (22.10.20)"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "MI-25 / 50",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "No fix planned"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "MI-100",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ROCm 6.4.2"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Instinct\u2122 MI250",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ROCm 7.0"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "AMD Instinct\u2122 MI210",
              "vendor": "AMD",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "ROCm 7.0"
                }
              ]
            }
          ],
          "datePublic": "2026-05-15T03:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation.\u003cbr\u003e"
                }
              ],
              "value": "Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20  Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T03:03:25.036Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5002.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4004.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-1029.html"
            },
            {
              "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6027.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "AMD PSIRT Automation 1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2022-23817",
        "datePublished": "2024-08-13T16:51:45.468Z",
        "dateReserved": "2022-01-21T17:14:12.302Z",
        "dateUpdated": "2026-05-15T03:03:25.036Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }