VDB
CVE-2021-26391
CVE-2021-26391
PUBLISHED
In AMD Prozessoren existieren mehrere Schwachstellen. Diese bestehen unter anderem in den Komponenten AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV). Sie sind auf verschiedene Fehler wie z.B. mangelhafte Eingabevalidierung, eine TOCTOU-Anfälligkeit oder Fehler bei der Validierung von Adressen zurückzuführen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuführen.
EPSS 0.06% · 19.2th percentile
Risk Scores
EPSS Score
0.06%
19.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| HP | HP Computer | |
| HPE | HPE ProLiant | |
| Dell | Dell PowerEdge | |
| Dell | Dell Computer | |
| Lenovo | Lenovo Computer | |
| AMD | AMD Prozessor | |
| Lenovo | Lenovo BIOS |
Timeline
- Nov 9, 2022 CVE Published
- Nov 10, 2022 EPSS Score
- Nov 24, 2022 EPSS Score
- Dec 23, 2022 EPSS Score
- Feb 4, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 19, 2023 EPSS Score
- May 1, 2023 EPSS Score
- Jun 13, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
- Oct 20, 2023 EPSS Score
- Dec 2, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2349.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2349 advisory
- https://support.hp.com/us-en/document/ish_8109529-8109560-16/HPSBHF03846 advisory
- https://support.hp.com/us-en/document/ish_7382705-7382735-16/HPSBHF03826 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0061.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0061 advisory
- https://support.lenovo.com/de/de/product_security/ps500559-multi-vendor-bios-security-vulnerabilities-may-2023 advisory
- https://www.dell.com/support/kbdoc/de-de/000207371/dsa-2023-002-dell-poweredge-server-security-update-for-amd-server-vulnerabilities advisory
- https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1031 advisory
- https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1032 advisory
- https://support.lenovo.com/de/de/product_security/ps500538-amd-server-vulnerabilities-january-2023 advisory
- https://support.lenovo.com/de/de/product_security/ps500539-amd-client-vulnerabilities-january-2023 advisory
- https://support.hp.com/us-en/document/ish_7491443-7491471-16/HPSBHF03831 advisory
- https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf04404 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1190.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1190 advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3001.html advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4001.html advisory
- https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04471en_us advisory
- https://www.dell.com/support/kbdoc/de-de/000213267/dsa-2023-105-security-update-for-dell-poweredge-server-for-amd-server-vulnerabilities advisory
…and 1 more