Amd Ryzen 8040 Series Mobile Processors With Radeon Graphics
Monthly
Out-of-bounds read in power management firmware affects AMD Ryzen AI, Ryzen 7000/8000 series mobile processors, Ryzen 8000 desktop processors, embedded processors, and Radeon graphics products. A local attacker with low privileges can read sensitive firmware data, potentially disclosing confidential information and causing availability degradation. CVSS 4.8 (low severity) reflects limited privilege requirements and contained impact, though the vulnerability affects a broad processor family.
DDR5 memory modules in multiple AMD Ryzen processor families contain an insecure default PMIC (Power Management Integrated Circuit) interface configuration that allows local users with standard privileges to cause permanent denial of service or corrupt memory module integrity via unprotected firmware access. The vulnerability affects Ryzen 4000, 7000, 7020, 7030, 7035, 7040, 7045 series processors and Threadripper Pro 3000 WX-series, requiring local system access but no special privileges or user interaction. No public exploit code or active exploitation has been confirmed at time of analysis.
Improper access control between JTAG and AXI interfaces in AMD Ryzen 7040, 8000, 8040 mobile, and Embedded 8000 series processors allows attackers with physical access to read or modify cross-chip debug (XCD) registers, potentially compromising data integrity and confidentiality. The vulnerability requires physical proximity and specialized hardware capability but can bypass authentication mechanisms protecting debug interfaces. No public exploit code or active exploitation has been identified at the time of analysis.
System Management Mode (SMM) handler in AMD Ryzen mobile, desktop, embedded, Threadripper, and EPYC processors allows privileged local attackers to execute arbitrary code in SMM by triggering a callout to attacker-controlled code in untrusted non-SMM memory. The vulnerability requires high complexity conditions, active user interaction, physical proximity or direct system access, and high privilege level; successful exploitation compromises system confidentiality, integrity, and availability. No public exploit identified at time of analysis.
Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.
Out-of-bounds read in power management firmware affects AMD Ryzen AI, Ryzen 7000/8000 series mobile processors, Ryzen 8000 desktop processors, embedded processors, and Radeon graphics products. A local attacker with low privileges can read sensitive firmware data, potentially disclosing confidential information and causing availability degradation. CVSS 4.8 (low severity) reflects limited privilege requirements and contained impact, though the vulnerability affects a broad processor family.
DDR5 memory modules in multiple AMD Ryzen processor families contain an insecure default PMIC (Power Management Integrated Circuit) interface configuration that allows local users with standard privileges to cause permanent denial of service or corrupt memory module integrity via unprotected firmware access. The vulnerability affects Ryzen 4000, 7000, 7020, 7030, 7035, 7040, 7045 series processors and Threadripper Pro 3000 WX-series, requiring local system access but no special privileges or user interaction. No public exploit code or active exploitation has been confirmed at time of analysis.
Improper access control between JTAG and AXI interfaces in AMD Ryzen 7040, 8000, 8040 mobile, and Embedded 8000 series processors allows attackers with physical access to read or modify cross-chip debug (XCD) registers, potentially compromising data integrity and confidentiality. The vulnerability requires physical proximity and specialized hardware capability but can bypass authentication mechanisms protecting debug interfaces. No public exploit code or active exploitation has been identified at the time of analysis.
System Management Mode (SMM) handler in AMD Ryzen mobile, desktop, embedded, Threadripper, and EPYC processors allows privileged local attackers to execute arbitrary code in SMM by triggering a callout to attacker-controlled code in untrusted non-SMM memory. The vulnerability requires high complexity conditions, active user interaction, physical proximity or direct system access, and high privilege level; successful exploitation compromises system confidentiality, integrity, and availability. No public exploit identified at time of analysis.
Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.