Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
amdAmd.comAMD-SB-1009
HistoryNov 14, 2021 - 12:00 a.m.

AMD Chipset Driver Information Disclosure Vulnerability

2021-11-1400:00:00
amd.com
www.amd.com
25

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.0005 Low

EPSS

Percentile

17.4%

JSON

Bulletin ID: AMD-SB-1009 **Potential Impact:**Information Disclosure **Severity:**Medium

Summary

Low privileged malicious users may be able to access and leak data through the AMD Chipset Driver.

CVE Details

CVE-2021-26333

Insufficient access controls in the AMD Link Android app may potentially result in information disclosure.

Affected Products

  • 2nd Gen AMD Ryzen Mobile Processor with Radeon Graphics
  • 2nd Gen AMD Ryzen Threadripper processor
  • 3rd Gen AMD Ryzen™ Threadripper™ Processors
  • 6th Generation AMD A series CPU with Radeon™ Graphics
  • 6th Generation AMD A-Series Mobile Processor
  • 6th Generation AMD FX APU with Radeon™ R7 Graphics
  • 7th Generation AMD A-Series APUs
  • 7th Generation AMD A-Series Mobile Processor
  • 7th Generation AMD E-Series Mobile Processor
  • AMD A4-Series APU with Radeon Graphics
  • AMD A6 APU with Radeon R5 Graphics
  • AMD A8 APU with Radeon R6 Graphics
  • AMD A10 APU with Radeon R6 Graphics
  • AMD 3000 Series Mobile Processors with Radeon™ Graphics
  • AMD Athlon 3000 Series Mobile Processors with Radeon™ Graphics
  • AMD Athlon Mobile Processors with Radeon™ Graphics
  • AMD Athlon X4 Processor
  • AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics
  • AMD Athlon™ X4 Processor
  • AMD E1-Series APU with Radeon Graphics
  • AMD Ryzen™ 1000 series Processor
  • AMD Ryzen™ 2000 series Desktop Processor
  • AMD Ryzen™ 2000 series Mobile Processor
  • AMD Ryzen™ 3000 Series Desktop Processor
  • AMD Ryzen™ 3000 series Mobile Processor with Radeon™ Graphics
  • AMD Ryzen™ 3000 series Mobile Processor
  • AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics
  • AMD Ryzen™ 5000 Series Desktop Processor
  • AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics
  • AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics
  • AMD Ryzen™ Threadripper™ PRO Processor
  • AMD Ryzen™ Threadripper™ Processor

Mitigation

AMD recommends updating to AMD PSP driver 5.17.0.0 through Windows Update or by updating to AMD Chipset Driver 3.08.17.735.

Related

cve 1
prion 1
cvelist 1
nvd 1
nessus 1
hp 1
cve
cve
CVE-2021-26333
2021-09-21 11:15:07
prion
prion
Information disclosure
2021-09-21 11:15:00
cvelist
cvelist
CVE-2021-26333 AMD Chipset Driver Information Disclosure Vulnerability
2021-09-14 00:00:00
nvd
nvd
CVE-2021-26333
2021-09-21 11:15:07
nessus
nessus
AMD Platform Security Processor (PSP) Chipset Driver Information Disclosure (AMD-SB-1009)
2021-10-01 00:00:00
hp
hp
AMD® Chipset Driver September 2021 Security Update
2021-09-15 00:00:00

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.0005 Low

EPSS

Percentile

17.4%

JSON
Related for AMD-SB-1009
cve1prion1cvelist1nvd1nessus1hp1