Amd Amd Ryzen™ Threadripper™ Pro 7000 Wx-series Processors
22 CVEs affecting Amd Amd Ryzen™ Threadripper™ Pro 7000 Wx-series Processors. Latest disclosed: 2026-05-19. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-0179 | High | 8.2 | 2025-02-11 | SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow locally authenticated attackers to overwrite SMRAM, potentially resulting in ar… |
CVE-2024-21925 | High | 8.2 | 2025-02-11 | Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution. |
CVE-2024-21924 | High | 8.2 | 2025-02-11 | SMM callout vulnerability within the AmdPlatformRasSspSmm driver could allow a ring 0 attacker to modify boot services handlers, potentially resulting in arbit… |
CVE-2024-36347 | Medium | 6.4 | 2025-06-27 | Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, pot… |
CVE-2024-36357 | Medium | 5.6 | 2025-07-08 | A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensit… |
CVE-2024-36350 | Medium | 5.6 | 2025-07-08 | A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of pr… |
CVE-2024-36348 | Low | 3.8 | 2025-07-08 | A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enable… |
CVE-2024-36349 | Low | 3.8 | 2025-07-08 | A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting i… |
CVE-2023-31330 | Low | 2.5 | 2025-09-06 | An out-of-bounds read in the ASP could allow a privileged attacker with access to a malicious bootloader to potentially read sensitive memory resulting in loss… |
CVE-2024-36343 | | 2026-05-19 | Improper input validation in the System Management Mode (SMM) communications buffer could allow a privileged attacker to perform an out of bounds read or write… | |
CVE-2025-48516 | | 2026-05-15 | Insecure default configuration state of DDR5 memory module by AGESA Bootloader Firmware could allow an attacker with local user privilege to abuse the unprotec… | |
CVE-2026-0438 | | 2026-05-15 | A System Management Mode (SMM) handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active use… | |
CVE-2026-0432 | | 2026-05-15 | Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arb… | |
CVE-2025-0045 | | 2026-05-15 | Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting… | |
CVE-2024-36345 | | 2026-05-15 | Improper input validation in the AMD OverDrive (AOD) System Management Mode (SMM) module could allow a privileged attacker to perform an out-of-bounds read, po… | |
CVE-2025-62625 | | 2026-05-14 | Improper privilege management in the KVM key download component could allow an attacker to swap tokens and download sensitive keys, potentially resulting in un… | |
CVE-2025-62619 | | 2026-05-14 | Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, p… | |
CVE-2025-54502 | | 2026-04-16 | Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve… | |
CVE-2025-52533 | | 2026-02-12 | Improper Access Control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data confidentia… | |
CVE-2024-36355 | | 2026-02-10 | Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 (sleep) wake up, pote… |