Vulnerability in Amd Epyc™ 4004 Series Processors

CVE-2026-0438

A System Management Mode (SMM) handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execu…

EPSS: 0.000 (6.8th percentile) — read the EPSS interpretation.

Affected products

Amd Epyc™ 4004 Series Processors — versions ComboAM5PI 1.0.0.d / ComboAM5PI 1.1.0.3f / ComboAM5PI_1.2.0.3i
Amd Epyc™ 4005 Series Processors — versions ComboAM5PI_1.2.0.3i
Amd Ryzen™ 7000 Series Desktop Processors — versions ComboAM5PI 1.0.0.d, ComboAM5PI 1.1.0.3f, ComboAM5PI_1.2.0.3i
Amd Ryzen™ 7000 Series Desktop Processors (Formerly Codenamed "Raphael") — versions ComboAM5PI_1.3.0.0
Amd Ryzen™ 7040 Series Mobile Processors With Radeon™ Graphics — versions PhoenixPI-FP8-FP7_1.2.0.0f
Amd Ryzen™ 7045 Series Mobile Processors With Radeon™ Graphics — versions DragonRangeFL1PI 1.0.0.3k
Amd Ryzen™ 8000 Series Desktop Processors — versions ComboAM5PI 1.1.0.3f, ComboAM5PI_1.2.0.3i
Amd Ryzen™ 8000 Series Desktop Processors (Formerly Codenamed "Phoenix") — versions ComboAM5PI_1.3.0.0
Amd Ryzen™ 8040 Series Mobile Processors With Radeon™ Graphics — versions PhoenixPI-FP8-FP7_1.2.0.0f
Amd Ryzen™ 9000hx Series Processors — versions FireRangeFL1PI 1.0.0.0d

Weakness classification (CWE)

CWE-1072

References