CVE-2021-26360

2022-11-0920:44:26

AMD

www.cve.org

attacker access system

unauthorized modifications

security configuration

soc registers

amd secure processor

encrypted memory

arbitrary code execution

EPSS

Percentile

5.1%

JSON

An attacker with local access to the system can make unauthorized modifications of the security configuration of the SOC registers. This could allow potential corruption of AMD secure processor’s encrypted memory contents which may lead to arbitrary code execution in ASP.

CNA Affected

[
  {
    "vendor": "AMD",
    "product": "AMD Radeon RX 6000 Series & PRO W6000 Series",
    "versions": [
      {
        "version": "AMD Radeon Software",
        "status": "affected",
        "lessThan": "22.5.2",
        "versionType": "custom"
      },
      {
        "version": "AMD Radeon Pro Software Enterprise",
        "status": "affected",
        "lessThan": "22.Q2",
        "versionType": "custom"
      },
      {
        "version": "Enterprise Driver",
        "status": "affected",
        "lessThan": "22.10.20",
        "versionType": "custom"
      }
    ]
  }
]

References

www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2021-26360