Amd Amd Epyc™ Embedded 7002 Series Processors
15 CVEs affecting Amd Amd Epyc™ Embedded 7002 Series Processors. Latest disclosed: 2026-05-15. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-20599 | High | 7.9 | 2025-06-10 | Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto Co-Processor (CCP) registers from x86 re… |
CVE-2024-36354 | High | 7.5 | 2025-09-06 | Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-comp… |
CVE-2021-26344 | High | 7.2 | 2024-08-13 | An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker with access the ability to modify the BIOS image… |
CVE-2024-21981 | Medium | 5.7 | 2024-08-13 | Improper key usage control in AMD Secure Processor (ASP) may allow an attacker with local access who has gained arbitrary code execution privilege in ASP to ex… |
CVE-2021-46746 | Medium | 5.2 | 2024-08-13 | Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing key… |
CVE-2021-46772 | Low | 3.9 | 2024-08-13 | Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI… |
CVE-2021-26387 | Low | 3.9 | 2024-08-13 | Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions… |
CVE-2024-36348 | Low | 3.8 | 2025-07-08 | A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enable… |
CVE-2024-36349 | Low | 3.8 | 2025-07-08 | A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting i… |
CVE-2025-54518 | | 2026-05-15 | Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a dif… | |
CVE-2025-54502 | | 2026-04-16 | Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve… | |
CVE-2023-31364 | | 2026-02-26 | Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with wr… | |
CVE-2024-21961 | | 2026-02-12 | Improper restriction of operations within the bounds of a memory buffer in PCIe® Link could allow an attacker with access to a guest virtual machine to potenti… | |
CVE-2025-52533 | | 2026-02-12 | Improper Access Control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data confidentia… | |
CVE-2025-29950 | | 2026-02-10 | Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution. |