CVE-2021-26361

EPSS 0.13%
Published 12.05.2022 18:16:53
Last modified 21.11.2024 05:56:12
Source psirt@amd.com
Teams watchlist Login
Open Login

A malicious or compromised User Application (UApp) or AGESA Boot Loader (ABL) could be used by an attacker to exfiltrate arbitrary memory from the ASP stage 2 bootloader potentially leading to information disclosure.

Affected products Warnungen 0 Metrics 3 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Amd ≫ Radeon Software Version-

Amd ≫ Ryzen 3 2200u Firmware Version-

Amd ≫ Ryzen 3 2200u Version-

Amd ≫ Ryzen 3 2300u Firmware Version-

Amd ≫ Ryzen 3 2300u Version-

Amd ≫ Ryzen 3 5125c Firmware Version-

Amd ≫ Ryzen 3 5125c Version-

Amd ≫ Ryzen 3 5400u Firmware Version-

Amd ≫ Ryzen 3 5400u Version-

Amd ≫ Athlon 3050ge Firmware Version-

Amd ≫ Athlon 3050ge Version-

Amd ≫ Athlon 3150ge Firmware Version-

Amd ≫ Athlon 3150ge Version-

Amd ≫ Athlon 3150g Firmware Version-

Amd ≫ Athlon 3150g Version-

Amd ≫ Ryzen 3 5425c Firmware Version-

Amd ≫ Ryzen 3 5425c Version-

Amd ≫ Ryzen 3 5425u Firmware Version-

Amd ≫ Ryzen 3 5425u Version-

Amd ≫ Ryzen 5 2500u Firmware Version-

Amd ≫ Ryzen 5 2500u Version-

Amd ≫ Ryzen 5 2600 Firmware Version-

Amd ≫ Ryzen 5 2600 Version-

Amd ≫ Ryzen 5 2600h Firmware Version-

Amd ≫ Ryzen 5 2600h Version-

Amd ≫ Ryzen 5 2600x Firmware Version-

Amd ≫ Ryzen 5 2600x Version-

Amd ≫ Ryzen 5 5560u Firmware Version-

Amd ≫ Ryzen 5 5560u Version-

Amd ≫ Ryzen 5 5600h Firmware Version-

Amd ≫ Ryzen 5 5600h Version-

Amd ≫ Ryzen 5 5600hs Firmware Version-

Amd ≫ Ryzen 5 5600hs Version-

Amd ≫ Ryzen 5 5600u Firmware Version-

Amd ≫ Ryzen 5 5600u Version-

Amd ≫ Ryzen 5 5600x Firmware Version-

Amd ≫ Ryzen 5 5600x Version-

Amd ≫ Ryzen 5 5625c Firmware Version-

Amd ≫ Ryzen 5 5625c Version-

Amd ≫ Ryzen 5 5625u Firmware Version-

Amd ≫ Ryzen 5 5625u Version-

Amd ≫ Ryzen 5 5700g Firmware Version-

Amd ≫ Ryzen 5 5700g Version-

Amd ≫ Ryzen 5 5700ge Firmware Version-

Amd ≫ Ryzen 5 5700ge Version-

Amd ≫ Ryzen 7 2700u Firmware Version-

Amd ≫ Ryzen 7 2700u Version-

Amd ≫ Ryzen 7 2700 Firmware Version-

Amd ≫ Ryzen 7 2700 Version-

Amd ≫ Ryzen 7 2700x Firmware Version-

Amd ≫ Ryzen 7 2700x Version-

Amd ≫ Ryzen 7 2800h Firmware Version-

Amd ≫ Ryzen 7 2800h Version-

Amd ≫ Ryzen 7 5800h Firmware Version-

Amd ≫ Ryzen 7 5800h Version-

Amd ≫ Ryzen 7 5800hs Firmware Version-

Amd ≫ Ryzen 7 5800hs Version-

Amd ≫ Ryzen 7 5800u Firmware Version-

Amd ≫ Ryzen 7 5800u Version-

Amd ≫ Ryzen 7 5825c Firmware Version-

Amd ≫ Ryzen 7 5825c Version-

Amd ≫ Ryzen 7 5825u Firmware Version-

Amd ≫ Ryzen 7 5825u Version-

Amd ≫ Ryzen 9 5980hx Firmware Version-

Amd ≫ Ryzen 9 5980hx Version-

Amd ≫ Ryzen 9 5980hs Firmware Version-

Amd ≫ Ryzen 9 5980hs Version-

Amd ≫ Ryzen 9 5900hx Firmware Version-

Amd ≫ Ryzen 9 5900hx Version-

Amd ≫ Ryzen 9 5900hs Firmware Version-

Amd ≫ Ryzen 9 5900hs Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.13%	0.331

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-26361

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-26361

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-26361

EUVD