Skip to main content

CWE-1072

Data Resource Access without Use of Connection Pooling

1 CVEs Avg CVSS 5.4 MITRE
0
CRITICAL
0
HIGH
1
MEDIUM
0
LOW
0
POC
0
KEV

Monthly

CVE-2026-0438 MEDIUM This Month

System Management Mode (SMM) handler in AMD Ryzen mobile, desktop, embedded, Threadripper, and EPYC processors allows privileged local attackers to execute arbitrary code in SMM by triggering a callout to attacker-controlled code in untrusted non-SMM memory. The vulnerability requires high complexity conditions, active user interaction, physical proximity or direct system access, and high privilege level; successful exploitation compromises system confidentiality, integrity, and availability. No public exploit identified at time of analysis.

Information Disclosure Amd Ryzen 7040 Series Mobile Processors With Radeon Graphics Amd Ryzen 7045 Series Mobile Processors With Radeon Graphics Amd Ryzen 7000 Series Desktop Processors Amd Ryzen 9000Hx Series Processors +23
NVD VulDB
CVSS 4.0
5.4
EPSS
0.0%
EPSS 0% CVSS 5.4
MEDIUM This Month

System Management Mode (SMM) handler in AMD Ryzen mobile, desktop, embedded, Threadripper, and EPYC processors allows privileged local attackers to execute arbitrary code in SMM by triggering a callout to attacker-controlled code in untrusted non-SMM memory. The vulnerability requires high complexity conditions, active user interaction, physical proximity or direct system access, and high privilege level; successful exploitation compromises system confidentiality, integrity, and availability. No public exploit identified at time of analysis.

Information Disclosure Amd Ryzen 7040 Series Mobile Processors With Radeon Graphics Amd Ryzen 7045 Series Mobile Processors With Radeon Graphics +25
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy