Epyc 7003 Firmware
CVE-2021-26335
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to use attacker-controlled values prior to signature validation potentially resulting in arbitrary code execution.
AnalysisAI
Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to use attacker-controlled values prior to signature validation potentially. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to use attacker-controlled values prior to signature validation potentially resulting in arbitrary code execution. Affected products include: Amd Epyc 7003 Firmware, Amd Epyc 7002 Firmware, Amd Epyc 7001 Firmware, Amd Epyc 72F3 Firmware, Amd Epyc 7313 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Epyc 7003 Firmware
View allAMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox ent
When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently decrypts an encrypted FW,
Insufficient bound checks in the SMU may allow an attacker to update the SRAM from/to address space to an invalid value
Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resul
Insufficient bound checks in the SMU may allow an attacker to update the from/to address space to an invalid value poten
Improper syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory out-of-bounds, po
Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the b
TOCTOU in the ASP may allow a physical attacker to write beyond the buffer bounds, potentially leading to a loss of inte
IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential in
Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA read from invalid DRAM address
Insufficient bounds checking in System Management Unit (SMU) may cause invalid memory accesses/updates that could result
AMD System Management Unit (SMU) may experience a heap-based overflow which may result in a loss of resources. Rated med
Share
External POC / Exploit Code
Leaving vuln.today