CVE-2021-26315
 
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently decrypts an encrypted FW, due to insufficient verification of the integrity of decrypted image, arbitrary code may be executed in the PSP when encrypted firmware images are used.
Cuando AMD Platform Security Processor (PSP) carga la rom de arranque, autentica y posteriormente descifra un FW cifrado, debido a una insuficiente verificación de la integridad de la imagen descifrada, es posible ejecutar código arbitrario en la PSP cuando son usadas imágenes de firmware cifradas
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-01-29 CVE Reserved
- 2021-11-16 CVE Published
- 2023-06-09 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-345: Insufficient Verification of Data Authenticity
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021 | 2021-11-18 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Amd Search vendor "Amd" | Epyc 7003 Firmware Search vendor "Amd" for product "Epyc 7003 Firmware" | < milanpi-sp3_1.0.0.4 Search vendor "Amd" for product "Epyc 7003 Firmware" and version " < milanpi-sp3_1.0.0.4" | - |
Affected
| in | Amd Search vendor "Amd" | Epyc 7003 Search vendor "Amd" for product "Epyc 7003" | - | - |
Safe
|
Amd Search vendor "Amd" | Epyc 72f3 Firmware Search vendor "Amd" for product "Epyc 72f3 Firmware" | < milanpi-sp3_1.0.0.4 Search vendor "Amd" for product "Epyc 72f3 Firmware" and version " < milanpi-sp3_1.0.0.4" | - |
Affected
| in | Amd Search vendor "Amd" | Epyc 72f3 Search vendor "Amd" for product "Epyc 72f3" | - | - |
Safe
|
Amd Search vendor "Amd" | Epyc 7313 Firmware Search vendor "Amd" for product "Epyc 7313 Firmware" | < milanpi-sp3_1.0.0.4 Search vendor "Amd" for product "Epyc 7313 Firmware" and version " < milanpi-sp3_1.0.0.4" | - |
Affected
| in | Amd Search vendor "Amd" | Epyc 7313 Search vendor "Amd" for product "Epyc 7313" | - | - |
Safe
|
Amd Search vendor "Amd" | Epyc 7313p Firmware Search vendor "Amd" for product "Epyc 7313p Firmware" | < milanpi-sp3_1.0.0.4 Search vendor "Amd" for product "Epyc 7313p Firmware" and version " < milanpi-sp3_1.0.0.4" | - |
Affected
| in | Amd Search vendor "Amd" | Epyc 7313p Search vendor "Amd" for product "Epyc 7313p" | - | - |
Safe
|
Amd Search vendor "Amd" | Epyc 7343 Firmware Search vendor "Amd" for product "Epyc 7343 Firmware" | < milanpi-sp3_1.0.0.4 Search vendor "Amd" for product "Epyc 7343 Firmware" and version " < milanpi-sp3_1.0.0.4" | - |
Affected
| in | Amd Search vendor "Amd" | Epyc 7343 Search vendor "Amd" for product "Epyc 7343" | - | - |
Safe
|
Amd Search vendor "Amd" | Epyc 73f3 Firmware Search vendor "Amd" for product "Epyc 73f3 Firmware" | < milanpi-sp3_1.0.0.4 Search vendor "Amd" for product "Epyc 73f3 Firmware" and version " < milanpi-sp3_1.0.0.4" | - |
Affected
| in | Amd Search vendor "Amd" | Epyc 73f3 Search vendor "Amd" for product "Epyc 73f3" | - | - |
Safe
|
Amd Search vendor "Amd" | Epyc 7413 Firmware Search vendor "Amd" for product "Epyc 7413 Firmware" | < milanpi-sp3_1.0.0.4 Search vendor "Amd" for product "Epyc 7413 Firmware" and version " < milanpi-sp3_1.0.0.4" | - |
Affected
| in | Amd Search vendor "Amd" | Epyc 7413 Search vendor "Amd" for product "Epyc 7413" | - | - |
Safe
|
Amd Search vendor "Amd" | Epyc 7443 Firmware Search vendor "Amd" for product "Epyc 7443 Firmware" | < milanpi-sp3_1.0.0.4 Search vendor "Amd" for product "Epyc 7443 Firmware" and version " < milanpi-sp3_1.0.0.4" | - |
Affected
| in | Amd Search vendor "Amd" | Epyc 7443 Search vendor "Amd" for product "Epyc 7443" | - | - |
Safe
|
Amd Search vendor "Amd" | Epyc 7443p Firmware Search vendor "Amd" for product "Epyc 7443p Firmware" | < milanpi-sp3_1.0.0.4 Search vendor "Amd" for product "Epyc 7443p Firmware" and version " < milanpi-sp3_1.0.0.4" | - |
Affected
| in | Amd Search vendor "Amd" | Epyc 7443p Search vendor "Amd" for product "Epyc 7443p" | - | - |
Safe
|
Amd Search vendor "Amd" | Epyc 7453 Firmware Search vendor "Amd" for product "Epyc 7453 Firmware" | < milanpi-sp3_1.0.0.4 Search vendor "Amd" for product "Epyc 7453 Firmware" and version " < milanpi-sp3_1.0.0.4" | - |
Affected
| in | Amd Search vendor "Amd" | Epyc 7453 Search vendor "Amd" for product "Epyc 7453" | - | - |
Safe
|
Amd Search vendor "Amd" | Epyc 74f3 Firmware Search vendor "Amd" for product "Epyc 74f3 Firmware" | < milanpi-sp3_1.0.0.4 Search vendor "Amd" for product "Epyc 74f3 Firmware" and version " < milanpi-sp3_1.0.0.4" | - |
Affected
| in | Amd Search vendor "Amd" | Epyc 74f3 Search vendor "Amd" for product "Epyc 74f3" | - | - |
Safe
|
Amd Search vendor "Amd" | Epyc 7513 Firmware Search vendor "Amd" for product "Epyc 7513 Firmware" | < milanpi-sp3_1.0.0.4 Search vendor "Amd" for product "Epyc 7513 Firmware" and version " < milanpi-sp3_1.0.0.4" | - |
Affected
| in | Amd Search vendor "Amd" | Epyc 7513 Search vendor "Amd" for product "Epyc 7513" | - | - |
Safe
|
Amd Search vendor "Amd" | Epyc 7543 Firmware Search vendor "Amd" for product "Epyc 7543 Firmware" | < milanpi-sp3_1.0.0.4 Search vendor "Amd" for product "Epyc 7543 Firmware" and version " < milanpi-sp3_1.0.0.4" | - |
Affected
| in | Amd Search vendor "Amd" | Epyc 7543 Search vendor "Amd" for product "Epyc 7543" | - | - |
Safe
|
Amd Search vendor "Amd" | Epyc 7543p Firmware Search vendor "Amd" for product "Epyc 7543p Firmware" | < milanpi-sp3_1.0.0.4 Search vendor "Amd" for product "Epyc 7543p Firmware" and version " < milanpi-sp3_1.0.0.4" | - |
Affected
| in | Amd Search vendor "Amd" | Epyc 7543p Search vendor "Amd" for product "Epyc 7543p" | - | - |
Safe
|
Amd Search vendor "Amd" | Epyc 75f3 Firmware Search vendor "Amd" for product "Epyc 75f3 Firmware" | < milanpi-sp3_1.0.0.4 Search vendor "Amd" for product "Epyc 75f3 Firmware" and version " < milanpi-sp3_1.0.0.4" | - |
Affected
| in | Amd Search vendor "Amd" | Epyc 75f3 Search vendor "Amd" for product "Epyc 75f3" | - | - |
Safe
|
Amd Search vendor "Amd" | Epyc 7643 Firmware Search vendor "Amd" for product "Epyc 7643 Firmware" | < milanpi-sp3_1.0.0.4 Search vendor "Amd" for product "Epyc 7643 Firmware" and version " < milanpi-sp3_1.0.0.4" | - |
Affected
| in | Amd Search vendor "Amd" | Epyc 7643 Search vendor "Amd" for product "Epyc 7643" | - | - |
Safe
|
Amd Search vendor "Amd" | Epyc 7663 Firmware Search vendor "Amd" for product "Epyc 7663 Firmware" | < milanpi-sp3_1.0.0.4 Search vendor "Amd" for product "Epyc 7663 Firmware" and version " < milanpi-sp3_1.0.0.4" | - |
Affected
| in | Amd Search vendor "Amd" | Epyc 7663 Search vendor "Amd" for product "Epyc 7663" | - | - |
Safe
|
Amd Search vendor "Amd" | Epyc 7713 Firmware Search vendor "Amd" for product "Epyc 7713 Firmware" | < milanpi-sp3_1.0.0.4 Search vendor "Amd" for product "Epyc 7713 Firmware" and version " < milanpi-sp3_1.0.0.4" | - |
Affected
| in | Amd Search vendor "Amd" | Epyc 7713 Search vendor "Amd" for product "Epyc 7713" | - | - |
Safe
|
Amd Search vendor "Amd" | Epyc 7713p Firmware Search vendor "Amd" for product "Epyc 7713p Firmware" | < milanpi-sp3_1.0.0.4 Search vendor "Amd" for product "Epyc 7713p Firmware" and version " < milanpi-sp3_1.0.0.4" | - |
Affected
| in | Amd Search vendor "Amd" | Epyc 7713p Search vendor "Amd" for product "Epyc 7713p" | - | - |
Safe
|
Amd Search vendor "Amd" | Epyc 7763 Firmware Search vendor "Amd" for product "Epyc 7763 Firmware" | < milanpi-sp3_1.0.0.4 Search vendor "Amd" for product "Epyc 7763 Firmware" and version " < milanpi-sp3_1.0.0.4" | - |
Affected
| in | Amd Search vendor "Amd" | Epyc 7763 Search vendor "Amd" for product "Epyc 7763" | - | - |
Safe
|