VDB
CVE-2021-46766
CVE-2021-46766
PUBLISHED
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
EPSS 0.03% · 10.3th percentile
Risk Scores
EPSS Score
0.03%
10.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open Source | Open Source CentOS | |
| HP | HP Computer | |
| HPE | HPE ProLiant | |
| AMD | AMD Prozessor | |
| SUSE | SUSE Linux | |
| IBM | IBM Power Hardware Management Console V10 | |
| Red Hat | Red Hat Enterprise Linux | |
| Dell | Dell Computer | |
| Lenovo | Lenovo Computer | |
| Dell | Dell BIOS | |
| Oracle | Oracle Linux | |
| Lenovo | Lenovo BIOS |
Exploit Intelligence
Timeline
- Nov 14, 2023 CVE Published
- Nov 15, 2023 EPSS Score
- Dec 15, 2023 EPSS Score
- Jan 14, 2024 EPSS Score
- Feb 14, 2024 EPSS Score
- Mar 15, 2024 EPSS Score
- Apr 14, 2024 EPSS Score
- May 14, 2024 EPSS Score
- Jun 14, 2024 EPSS Score
- Jul 14, 2024 EPSS Score
- Aug 13, 2024 EPSS Score
- Sep 12, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2916.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2916 advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3002.html advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4002.html advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3005.html advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7011.html advisory
- https://support.lenovo.com/de/de/product_security/ps500589-multi-vendor-bios-security-vulnerabilities-november-2023 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017285.html advisory
- https://www.dell.com/support/kbdoc/000220057/dsa-2023-= advisory
- https://www.dell.com/support/kbdoc/000220223/dsa-2023-= advisory
- https://www.dell.com/support/kbdoc/000220054/dsa-2023-= advisory
- https://support.hp.com/us-en/document/ish_9799938-9799975-16/HPSBHF03893 advisory
- https://www.dell.com/support/kbdoc/000218423/dsa-2023-= advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017397.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017401.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017396.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017402.html advisory
- https://support.hp.com/us-en/document/ish_9925738-9925742-16/HPSBHF03892 advisory
- https://access.redhat.com/errata/RHSA-2024:0753 advisory
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5001.html advisory
…and 12 more