HIGH🇬🇧 English

CVE-2021-26344

CVSS 7.2v3.1pub. 2024-08-13upd. 2025-03-18

An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker with access the ability to modify the BIOS image, and the ability to sign the resulting image, to potentially modify the APCB block resulting in arbitrary code execution.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
  • Amd Epyc 7203

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7203 Firmware

    OS
    Amd
    < milanpi_1.0.0.5
  • Amd Epyc 7203p

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7203p Firmware

    OS
    Amd
    < milanpi_1.0.0.5
  • Amd Epyc 7282

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7282 Firmware

    OS
    Amd
    < romepi_1.0.0.c
  • Amd Epyc 72f3

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 72f3 Firmware

    OS
    Amd
    < milanpi_1.0.0.5
  • Amd Epyc 7302

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7302 Firmware

    OS
    Amd
    < romepi_1.0.0.c
  • Amd Epyc 7302p

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7302p Firmware

    OS
    Amd
    < romepi_1.0.0.c
  • Amd Epyc 7303

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7303 Firmware

    OS
    Amd
    < milanpi_1.0.0.5
  • Amd Epyc 7303p

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7303p Firmware

    OS
    Amd
    < milanpi_1.0.0.5
  • Amd Epyc 7313

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7313 Firmware

    OS
    Amd
    < milanpi_1.0.0.5
  • Amd Epyc 7313p

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7313p Firmware

    OS
    Amd
    < milanpi_1.0.0.5
  • Amd Epyc 7343

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7343 Firmware

    OS
    Amd
    < milanpi_1.0.0.5
  • Amd Epyc 7352

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7352 Firmware

    OS
    Amd
    < romepi_1.0.0.c
  • Amd Epyc 7373x

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7373x Firmware

    OS
    Amd
    < milanpi_1.0.0.5
  • Amd Epyc 73f3

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 73f3 Firmware

    OS
    Amd
    < milanpi_1.0.0.5
  • Amd Epyc 7402

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7402 Firmware

    OS
    Amd
    < romepi_1.0.0.c
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2023-20520CRITICAL9.8ten sam produkt

Improper access control settings in ASP Bootloader may allow an attacker to corrupt the return address causing...

CVE-2021-46756CRITICAL9.1ten sam produkt

Insufficient validation of inputs in SVC_MAP_USER_STACK in the ASP (AMD Secure Processor) bootloader may allow...

CVE-2021-26379CRITICAL9.8ten sam produkt

Insufficient input validation of mailbox data in the SMU may allow an attacker to coerce the SMU to corrupt SM...

CVE-2023-20578HIGH7.5ten sam produkt

A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS...

CVE-2024-21980HIGH7.9ten sam produkt

Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially ove...