Skip to main content

Severity by source

NVD PRIMARY
5.4 MEDIUM
CVSS:4.0/AV:P/AC:H/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
SUSE
6.0 MEDIUM
AV:P/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
Red Hat
6.8 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:4.0/AV:P/AC:H/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Physical
Attack Complexity
High
Privileges Required
High
User Interaction
A
Scope
X

Lifecycle Timeline

4
Analysis Generated
May 15, 2026 - 04:16 vuln.today
CVSS changed
May 15, 2026 - 02:22 NVD
5.4 (MEDIUM)
CVE Published
May 15, 2026 - 01:41 nvd
UNKNOWN (no severity yet)
CVE Published
May 15, 2026 - 01:41 nvd
MEDIUM 5.4

DescriptionCVE.org

A System Management Mode (SMM) handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially compromising the system’s confidentiality, integrity, and availability.

AnalysisAI

System Management Mode (SMM) handler in AMD Ryzen mobile, desktop, embedded, Threadripper, and EPYC processors allows privileged local attackers to execute arbitrary code in SMM by triggering a callout to attacker-controlled code in untrusted non-SMM memory. The vulnerability requires high complexity conditions, active user interaction, physical proximity or direct system access, and high privilege level; successful exploitation compromises system confidentiality, integrity, and availability. No public exploit identified at time of analysis.

Technical ContextAI

This vulnerability resides in the System Management Mode (SMM) handler firmware component across multiple AMD processor families. SMM is a highly privileged CPU operating mode that executes outside normal OS context with unrestricted memory access. The flaw occurs when the SMM handler performs a callout to code residing in non-SMM memory (untrusted memory space), allowing a highly privileged attacker to inject or control that code. CWE-1072 (Mismatched Data Type for Processing) indicates the root cause involves improper validation or type handling when transitioning between SMM (trusted) and non-SMM (untrusted) memory contexts. The vulnerability spans firmware across Ryzen 7000/8000/9000 series (Raphael, Phoenix, Granite Ridge), Ryzen Mobile 7040/7045/8040 (DragonRange, FireRange), Ryzen AI 300 series, Threadripper PRO/regular 7000/9000 series, embedded processors, and EPYC 4004/4005 series. Remediation requires firmware updates delivered through BIOS/UEFI patches specific to each processor platform.

RemediationAI

Identify your specific AMD processor model and platform (socket type: AM5, TRX50, FP7, FP8, FP11, etc.) then apply the corresponding BIOS/UEFI firmware update from AMD or your OEM. For AMD Ryzen 7000 Desktop (Raphael), update to ComboAM5PI 1.3.0.0 or later. For Ryzen 8000 Desktop (Phoenix), update to ComboAM5PI 1.3.0.0 or later. For Ryzen 9000 Desktop (Granite Ridge), update to ComboAM5PI 1.2.0.3i or later. For mobile processors (7040/7045/8040 and Z-series), update to PhoenixPI-FP8-FP7 1.2.0.0f or platform-specific equivalent. For Threadripper systems, update to ShimadaPeakPI-SP6 1.0.0.1c or StormPeakPI-SP6 1.1.0.0k depending on model. For EPYC servers, update to ComboAM5PI 1.2.0.3i or later. Firmware updates must be applied through BIOS setup or OEM-provided tools; no workarounds are available for the underlying firmware vulnerability. Test updates in non-production environments first to ensure stability. No compensating controls exist at the OS or hypervisor level given the vulnerability's location in SMM; firmware patching is mandatory. Monitor AMD security bulletins AMD-SB-3030 and AMD-SB-4017 for additional affected platforms or patch availability if your system was not initially listed.

Vendor StatusVendor

SUSE

Severity: Moderate
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Affected
SUSE Linux Enterprise Desktop 15 SP7 Affected
SUSE Linux Enterprise High Performance Computing 15 SP7 Affected
SUSE Linux Enterprise High Performance Computing 15 SP7 Affected
SUSE Linux Enterprise Micro 5.3 Affected

Share

EUVD-2026-30496 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy