Amd Amd Ryzen™ Embedded V2000 Series Processors
37 CVEs affecting Amd Amd Ryzen™ Embedded V2000 Series Processors. Latest disclosed: 2026-06-01. Critical: 0, High: 9.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-36342 | High | 8.8 | 2025-09-06 | Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution. |
CVE-2024-36352 | High | 8.4 | 2025-09-06 | Improper input validation in the AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary writes or… |
CVE-2021-26383 | High | 7.9 | 2025-09-06 | Insufficient bounds checking in AMD TEE (Trusted Execution Environment) could allow an attacker with a compromised userspace to invoke a command with malformed… |
CVE-2025-54502 | High | 7.5 | 2026-04-16 | Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve… |
CVE-2024-36354 | High | 7.5 | 2025-09-06 | Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-comp… |
CVE-2024-21947 | High | 7.5 | 2025-09-06 | Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory potentially resulting in arbitrar… |
CVE-2021-26344 | High | 7.2 | 2024-08-13 | An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker with access the ability to modify the BIOS image… |
CVE-2025-54518 | High | 7.0 | 2026-05-15 | Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a dif… |
CVE-2022-23817 | High | 7.0 | 2024-08-13 | Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the… |
CVE-2021-26367 | Medium | 5.7 | 2024-08-13 | A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, pot… |
CVE-2021-46746 | Medium | 5.2 | 2024-08-13 | Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing key… |
CVE-2024-21970 | Medium | 4.4 | 2025-09-06 | Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a l… |
CVE-2021-26377 | Medium | 4.1 | 2025-09-06 | Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer over… |
CVE-2021-46772 | Low | 3.9 | 2024-08-13 | Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI… |
CVE-2021-26387 | Low | 3.9 | 2024-08-13 | Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions… |
CVE-2024-36349 | Low | 3.8 | 2025-07-08 | A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting i… |
CVE-2024-36348 | Low | 3.8 | 2025-07-08 | A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enable… |
CVE-2025-0011 | Low | 3.3 | 2025-09-06 | Improper removal of sensitive information before storage or transfer in AMD Crash Defender could allow an attacker to obtain kernel address information potenti… |
CVE-2021-46750 | Low | 3.0 | 2025-09-06 | Failure to validate the address and size in TEE (Trusted Execution Environment) may allow a malicious x86 attacker to send malformed messages to the graphics m… |
CVE-2023-31326 | Low | 2.8 | 2025-09-06 | Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment (TEE) driver, potentially lead… |