Vulnerability in Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics
CVE-2021-26344
An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker with access the ability to modify the BIOS image, and the ability to sign the resulting image, to potentially modify the APCB blo…
EPSS: 0.001 (23.6th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.2 (High). Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H.
Affected products
- Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics — versions various
- Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics — versions various
- Amd Epyc™ 7001 Series Processors — versions various
- Amd Epyc™ 7002 Series Processors — versions RomePI 1.0.0.C
- Amd Epyc™ 7003 Series Processors — versions MilanPI 1.0.0.5
- Amd Epyc™ Embedded 3000 Series Processors — versions Various
- Amd Epyc™ Embedded 7002 Series Processors — versions EmbRomePI-SP3 1.0.0.6
- Amd Epyc™ Embedded 7003 Series Processors — versions EmbMilanPI-SP3 1.0.0.2
- Amd Ryzen™ 3000 Series Desktop Processors — versions various
- Amd Ryzen™ 3000 Series Mobile Processors With Radeon™ Graphics — versions various
References
- www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html (vendor-advisory)
Frequently asked questions
- What is CVE-2021-26344?
- CVE-2021-26344 is a high-severity vulnerability in Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics. CVSS score: 7.2/10. Published 2024-08-13.
- How severe is CVE-2021-26344?
- High severity. CVSS v3 base score is 7.2 out of 10.