8.2

CVE-2021-26344

An out of bounds memory write when processing the AMD
PSP1 Configuration Block (APCB) could allow an attacker with access the ability
to modify the BIOS image, and the ability to sign the resulting image, to
potentially modify the APCB block resulting in arbitrary code execution.

Data is provided by the National Vulnerability Database (NVD)
AmdEpyc 7203 Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7203 Version-
AmdEpyc 7203p Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7203p Version-
AmdEpyc 72f3 Firmware Version < milanpi_1.0.0.5
   AmdEpyc 72f3 Version-
AmdEpyc 7303 Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7303 Version-
AmdEpyc 7303p Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7303p Version-
AmdEpyc 7313 Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7313 Version-
AmdEpyc 7313p Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7313p Version-
AmdEpyc 7343 Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7343 Version-
AmdEpyc 73f3 Firmware Version < milanpi_1.0.0.5
   AmdEpyc 73f3 Version-
AmdEpyc 7373x Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7373x Version-
AmdEpyc 7413 Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7413 Version-
AmdEpyc 7443 Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7443 Version-
AmdEpyc 7443p Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7443p Version-
AmdEpyc 74f3 Firmware Version < milanpi_1.0.0.5
   AmdEpyc 74f3 Version-
AmdEpyc 7453 Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7453 Version-
AmdEpyc 7473x Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7473x Version-
AmdEpyc 7513 Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7513 Version-
AmdEpyc 7543 Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7543 Version-
AmdEpyc 7543p Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7543p Version-
AmdEpyc 75f3 Firmware Version < milanpi_1.0.0.5
   AmdEpyc 75f3 Version-
AmdEpyc 7573x Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7573x Version-
AmdEpyc 7643 Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7643 Version-
AmdEpyc 7773x Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7773x Version-
AmdEpyc 7643p Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7643p Version-
AmdEpyc 7663 Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7663 Version-
AmdEpyc 7663p Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7663p Version-
AmdEpyc 7713 Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7713 Version-
AmdEpyc 7713p Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7713p Version-
AmdEpyc 7763 Firmware Version < milanpi_1.0.0.5
   AmdEpyc 7763 Version-
AmdEpyc 7h12 Firmware Version < romepi_1.0.0.c
   AmdEpyc 7h12 Version-
AmdEpyc 7f72 Firmware Version < romepi_1.0.0.c
   AmdEpyc 7f72 Version-
AmdEpyc 7f52 Firmware Version < romepi_1.0.0.c
   AmdEpyc 7f52 Version-
AmdEpyc 7f32 Firmware Version < romepi_1.0.0.c
   AmdEpyc 7f32 Version-
AmdEpyc 7742 Firmware Version < romepi_1.0.0.c
   AmdEpyc 7742 Version-
AmdEpyc 7702p Firmware Version < romepi_1.0.0.c
   AmdEpyc 7702p Version-
AmdEpyc 7702 Firmware Version < romepi_1.0.0.c
   AmdEpyc 7702 Version-
AmdEpyc 7662 Firmware Version < romepi_1.0.0.c
   AmdEpyc 7662 Version-
AmdEpyc 7642 Firmware Version < romepi_1.0.0.c
   AmdEpyc 7642 Version-
AmdEpyc 7552 Firmware Version < romepi_1.0.0.c
   AmdEpyc 7552 Version-
AmdEpyc 7542 Firmware Version < romepi_1.0.0.c
   AmdEpyc 7542 Version-
AmdEpyc 7532 Firmware Version < romepi_1.0.0.c
   AmdEpyc 7532 Version-
AmdEpyc 7502p Firmware Version < romepi_1.0.0.c
   AmdEpyc 7502p Version-
AmdEpyc 7502 Firmware Version < romepi_1.0.0.c
   AmdEpyc 7502 Version-
AmdEpyc 7452 Firmware Version < romepi_1.0.0.c
   AmdEpyc 7452 Version-
AmdEpyc 7402p Firmware Version < romepi_1.0.0.c
   AmdEpyc 7402p Version-
AmdEpyc 7402 Firmware Version < romepi_1.0.0.c
   AmdEpyc 7402 Version-
AmdEpyc 7352 Firmware Version < romepi_1.0.0.c
   AmdEpyc 7352 Version-
AmdEpyc 7302p Firmware Version < romepi_1.0.0.c
   AmdEpyc 7302p Version-
AmdEpyc 7302 Firmware Version < romepi_1.0.0.c
   AmdEpyc 7302 Version-
AmdEpyc 7282 Firmware Version < romepi_1.0.0.c
   AmdEpyc 7282 Version-
AmdEpyc 7272 Firmware Version < romepi_1.0.0.c
   AmdEpyc 7272 Version-
AmdEpyc 7262 Firmware Version < romepi_1.0.0.c
   AmdEpyc 7262 Version-
AmdEpyc 7252 Firmware Version < romepi_1.0.0.c
   AmdEpyc 7252 Version-
AmdEpyc 7232p Firmware Version < romepi_1.0.0.c
   AmdEpyc 7232p Version-
AmdEpyc 7601 Firmware Version-
   AmdEpyc 7601 Version-
AmdEpyc 7551p Firmware Version-
   AmdEpyc 7551p Version-
AmdEpyc 7551 Firmware Version-
   AmdEpyc 7551 Version-
AmdEpyc 7501 Firmware Version-
   AmdEpyc 7501 Version-
AmdEpyc 7451 Firmware Version-
   AmdEpyc 7451 Version-
AmdEpyc 7401p Firmware Version-
   AmdEpyc 7401p Version-
AmdEpyc 7401 Firmware Version-
   AmdEpyc 7401 Version-
AmdEpyc 7371 Firmware Version-
   AmdEpyc 7371 Version-
AmdEpyc 7351p Firmware Version-
   AmdEpyc 7351p Version-
AmdEpyc 7351 Firmware Version-
   AmdEpyc 7351 Version-
AmdEpyc 7301 Firmware Version-
   AmdEpyc 7301 Version-
AmdEpyc 7281 Firmware Version-
   AmdEpyc 7281 Version-
AmdEpyc 7261 Firmware Version-
   AmdEpyc 7261 Version-
AmdEpyc 7251 Firmware Version-
   AmdEpyc 7251 Version-
AmdEpyc 7001 Firmware Version-
   AmdEpyc 7001 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.05% 0.168
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 8.2 1.5 6
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
psirt@amd.com 7.2 0.6 6
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.