threat
engine
.sh
Back
·
··:··
Home
/
Product
/
amd epyc 7551 firmware
Product
amd epyc 7551 firmware
40 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2023-20578
< naplespi_1.0.0.k
A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell
7.5
HIGH
CVE-2021-26344
all versions
An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker with access the abil
7.2
HIGH
CVE-2023-20592
all versions
Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affe
6.5
MEDIUM
CVE-2023-20526
< naplespi_1.0.0.h
Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents o
1.9
LOW
CVE-2023-20521
< naplespi_1.0.0.h
TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verifi
3.3
LOW
CVE-2021-46774
< naplespi_1.0.0.k
Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM a
6.7
MEDIUM
CVE-2023-20588
all versions
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.
5.5
MEDIUM
CVE-2023-20575
all versions
A potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting
6.5
MEDIUM
CVE-2021-46756
all versions
Insufficient validation of inputs in SVC_MAP_USER_STACK in the ASP (AMD Secure Processor) bootloader may allow an attacker with a
9.1
CRITICAL
CVE-2023-20520
all versions
Improper access control settings in ASP Bootloader may allow an attacker to corrupt the return address causing a stack-based buffe
9.8
CRITICAL
CVE-2021-26406
all versions
Insufficient validation in parsing Owner's Certificate Authority (OCA) certificates in SEV (AMD Secure Encrypted Virtualization) a
7.5
HIGH
CVE-2021-26371
< naplespi_1.0.0.h
A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memo
5.5
MEDIUM
CVE-2021-26356
< naplespi_1.0.0.h
A TOCTOU in ASP bootloader may allow an attacker to tamper with the SPI ROM following data read to memory potentially resulting in
7.4
HIGH
CVE-2023-20527
< naplespi_1.0.0.g
Improper syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory out-of-bounds, potentially
6.5
MEDIUM
CVE-2021-26403
< naplespi_1.0.0.e
Insufficient checks in SEV may lead to a malicious hypervisor disclosing the launch secret potentially resulting in compromise of
6.5
MEDIUM
CVE-2021-26398
< naplespi_1.0.0.h
Insufficient input validation in SYS_KEY_DERIVE system call in a compromised user application or ABL may allow an attacker to corr
7.8
HIGH
CVE-2022-23824
all versions
IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information
5.5
MEDIUM
CVE-2021-46778
all versions
Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen
5.6
MEDIUM
CVE-2022-23825
all versions
Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information
6.5
MEDIUM
CVE-2022-29900
all versions
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitect
6.5
MEDIUM
CVE-2022-23823
all versions
A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing a
6.5
MEDIUM
CVE-2021-46744
all versions
An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring c
6.5
MEDIUM
CVE-2021-26342
< naplespi-sp3_1.0.0.h
In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations t
3.3
LOW
CVE-2021-26408
< naplespi-sp3_1.0.0.g
Insufficient validation of elliptic curve points in SEV-legacy firmware may compromise SEV-legacy guest migration potentially resu
7.1
HIGH
CVE-2021-26401
all versions
LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.
5.6
MEDIUM
CVE-2021-26341
all versions
Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.
6.5
MEDIUM
CVE-2020-12966
all versions
AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State
5.5
MEDIUM
CVE-2021-26340
all versions
A malicious hypervisor in conjunction with an unprivileged attacker process inside an SEV/SEV-ES guest VM may fail to flush the Tr
8.4
HIGH
CVE-2021-26335
< naplespi-sp3_1.0.0.g
Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to use attacker
7.8
HIGH
CVE-2021-26331
< naplespi-sp3_1.0.0.g
AMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox entries leadi
7.8
HIGH
CVE-2021-26330
< naplespi-sp3_1.0.0.g
AMD System Management Unit (SMU) may experience a heap-based overflow which may result in a loss of resources.
5.5
MEDIUM
CVE-2021-26321
< naplespi-sp3_1.0.0.g
Insufficient ID command validation in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of
5.5
MEDIUM
CVE-2021-26320
< naplespi-sp3_1.0.0.g
Insufficient validation of the AMD SEV Signing Key (ASK) in the SEND_START command in the SEV Firmware may allow a local authentic
5.5
MEDIUM
CVE-2020-12954
< naplespi-sp3_1.0.0.g
A side effect of an integrated chipset option may be able to be used by an attacker to bypass SPI ROM protections, allowing unauth
5.5
MEDIUM
CVE-2020-12951
< naplespi-sp3_1.0.0.g
Race condition in ASP firmware could allow less privileged x86 code to perform ASP SMM (System Management Mode) operations.
7.0
HIGH
CVE-2020-12944
< naplespi-sp3_1.0.0.g
Insufficient validation of BIOS image length by ASP Firmware could lead to arbitrary code execution.
7.8
HIGH
CVE-2021-26329
< naplespi-sp3_1.0.0.g
AMD System Management Unit (SMU) may experience an integer overflow when an invalid length is provided which may result in a poten
5.5
MEDIUM
CVE-2021-26322
< naplespi-sp3_1.0.0.g
Persistent platform private key may not be protected with a random IV leading to a potential “two time pad attack”.
7.5
HIGH
CVE-2021-26312
< naplespi-sp3_1.0.0.g
Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write t
5.5
MEDIUM
CVE-2020-12988
< naplespi-sp3_1.0.0.g
A potential denial of service (DoS) vulnerability exists in the integrated chipset that may allow a malicious attacker to hang the
7.5
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin