CVE-2021-46756

🗓️ 09 May 2023 19:00:35Reported by AMDType

CVE-2021-46756: Insufficient input validation in ASP bootloade

Reporter	Title	Published	Views	Family All 11
Amd	AMD Server Vulnerabilities – May 2023	9 May 202300:00	–	amd
Amd	Client Vulnerabilities – May 2023	9 May 202300:00	–	amd
Circl	CVE-2021-46756	10 May 202300:39	–	circl
CNNVD	AMD Secure Processor和AMD System Management Unit 输入验证错误漏洞	9 May 202300:00	–	cnnvd
Cvelist	CVE-2021-46756	9 May 202319:00	–	cvelist
EUVD	EUVD-2021-33412	3 Oct 202520:07	–	euvd
Hewlett-Packard	AMD Client UEFI Firmware May 2023 Security Update	9 May 202300:00	–	hp
NVD	CVE-2021-46756	9 May 202320:15	–	nvd
Prion	Input validation	9 May 202320:15	–	prion
Positive Technologies	PT-2023-12571 · Amd · Asp	9 May 202300:00	–	ptsecurity

NVD

Node

amd epyc_72f3_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_72f3Match-

Node

amd epyc_7313_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_7313Match-

Node

amd epyc_7313p_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_7313pMatch-

Node

amd epyc_7343_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_7343Match-

Node

amd epyc_7373x_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_7373xMatch-

Node

amd epyc_73f3_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_73f3Match-

Node

amd epyc_7413_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_7413Match-

Node

amd epyc_7443_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_7443Match-

Node

amd epyc_7443p_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_7443pMatch-

Node

amd epyc_7453_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_7453Match-

Node

amd epyc_7473x_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_7473xMatch-

Node

amd epyc_74f3_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_74f3Match-

Node

amd epyc_7513_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_7513Match-

Node

amd epyc_7543_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_7543Match-

Node

amd epyc_7543p_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_7543pMatch-

Node

amd epyc_7573x_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_7573xMatch-

Node

amd epyc_75f3_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_75f3Match-

Node

amd epyc_7643_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_7643Match-

Node

amd epyc_7663_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_7663Match-

Node

amd epyc_7713_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_7713Match-

Node

amd epyc_7713p_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_7713pMatch-

Node

amd epyc_7763_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_7763Match-

Node

amd epyc_7773x_firmwareMatchmilanpi_1.0.0.9

AND

amd epyc_7773xMatch-

Node

amd epyc_7232p_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7232pMatch-

Node

amd epyc_7252_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7252Match-

Node

amd epyc_7262_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7262Match-

Node

amd epyc_7272_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7272Match-

Node

amd epyc_7282_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7282Match-

Node

amd epyc_7302_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7302Match-

Node

amd epyc_7302p_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7302pMatch-

Node

amd epyc_7352_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7352Match-

Node

amd epyc_7402_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7402Match-

Node

amd epyc_7402p_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7402pMatch-

Node

amd epyc_7452_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7452Match-

Node

amd epyc_7502_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7502Match-

Node

amd epyc_7502p_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7502pMatch-

Node

amd epyc_7532_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7532Match-

Node

amd epyc_7542_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7542Match-

Node

amd epyc_7552_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7552Match-

Node

amd epyc_7642_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7642Match-

Node

amd epyc_7662_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7662Match-

Node

amd epyc_7702_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7702Match-

Node

amd epyc_7702p_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7702pMatch-

Node

amd epyc_7742_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7742Match-

Node

amd epyc_7f32_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7f32Match-

Node

amd epyc_7f52_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7f52Match-

Node

amd epyc_7f72_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7f72Match-

Node

amd epyc_7h12_firmwareMatchromepi_1.0.0.e

AND

amd epyc_7h12Match-

Node

amd epyc_7251_firmwareMatchnaplespi_1.0.0.j

AND

amd epyc_7251Match-

Node

amd epyc_7261_firmwareMatchnaplespi_1.0.0.j

AND

amd epyc_7261Match-

Node

amd epyc_7281_firmwareMatchnaplespi_1.0.0.j

AND

amd epyc_7281Match-

Node

amd epyc_7301_firmwareMatchnaplespi_1.0.0.j

AND

amd epyc_7301Match-

Node

amd epyc_7351_firmwareMatchnaplespi_1.0.0.j

AND

amd epyc_7351Match-

Node

amd epyc_7351p_firmwareMatchnaplespi_1.0.0.j

AND

amd epyc_7351pMatch-

Node

amd epyc_7371_firmwareMatchnaplespi_1.0.0.j

AND

amd epyc_7371Match-

Node

amd epyc_7401_firmwareMatchnaplespi_1.0.0.j

AND

amd epyc_7401Match-

Node

amd epyc_7401p_firmwareMatchnaplespi_1.0.0.j

AND

amd epyc_7401pMatch-

Node

amd epyc_7451_firmwareMatchnaplespi_1.0.0.j

AND

amd epyc_7451Match-

Node

amd epyc_7501_firmwareMatchnaplespi_1.0.0.j

AND

amd epyc_7501Match-

Node

amd epyc_7551_firmwareMatchnaplespi_1.0.0.j

AND

amd epyc_7551Match-

Node

amd epyc_7551p_firmwareMatchnaplespi_1.0.0.j

AND

amd epyc_7551pMatch-

Node

amd epyc_7571_firmwareMatchnaplespi_1.0.0.j

AND

amd epyc_7571Match-

Node

amd epyc_7601_firmwareMatchnaplespi_1.0.0.j

AND

amd epyc_7601Match-

[
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 2000 series Desktop Processors “Raven Ridge” AM4",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 2000 Series Desktop Processors “Pinnacle Ridge”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 3000 Series Desktop Processors “Matisse” AM4",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "AMD Ryzen™ 5000 Series Desktop Processors “Vermeer” AM4",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 5000 Series Desktop processor with Radeon™ Graphics  “Cezanne” AM4",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "Various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "2nd Gen AMD Ryzen™ Threadripper™ Processors “Colfax”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "3rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDT",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” ULP",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics   “Pollock”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 2000 Series Mobile Processors “Raven Ridge” FP5",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 3000 Series Mobile processor, 2nd Gen AMD Ryzen™ Mobile Processors with Radeon™ Graphics “Picasso”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics “Renoir” ",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen™ 5000 Series Mobile processors with Radeon™ Graphics “Cezanne”",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "1st Gen AMD EPYC™ Processors",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "2nd Gen AMD EPYC™ Processors",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "3rd Gen AMD EPYC™ Processors",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  }
]

Source	Link
amd	www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3001
amd	www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001

28 Jan 2025 16:15Current

9.1High risk

Vulners AI Score9.1

CVSS 3.19.1

EPSS0.0047

SSVC

CWE-20