// For flags

CVE-2021-26315

 

Severity Score

7.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently decrypts an encrypted FW, due to insufficient verification of the integrity of decrypted image, arbitrary code may be executed in the PSP when encrypted firmware images are used.

Cuando AMD Platform Security Processor (PSP) carga la rom de arranque, autentica y posteriormente descifra un FW cifrado, debido a una insuficiente verificación de la integridad de la imagen descifrada, es posible ejecutar código arbitrario en la PSP cuando son usadas imágenes de firmware cifradas

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-01-29 CVE Reserved
  • 2021-11-16 CVE Published
  • 2023-06-09 EPSS Updated
  • 2024-09-17 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-345: Insufficient Verification of Data Authenticity
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Amd
Search vendor "Amd"
Epyc 7003 Firmware
Search vendor "Amd" for product "Epyc 7003 Firmware"
< milanpi-sp3_1.0.0.4
Search vendor "Amd" for product "Epyc 7003 Firmware" and version " < milanpi-sp3_1.0.0.4"
-
Affected
in Amd
Search vendor "Amd"
Epyc 7003
Search vendor "Amd" for product "Epyc 7003"
--
Safe
Amd
Search vendor "Amd"
Epyc 72f3 Firmware
Search vendor "Amd" for product "Epyc 72f3 Firmware"
< milanpi-sp3_1.0.0.4
Search vendor "Amd" for product "Epyc 72f3 Firmware" and version " < milanpi-sp3_1.0.0.4"
-
Affected
in Amd
Search vendor "Amd"
Epyc 72f3
Search vendor "Amd" for product "Epyc 72f3"
--
Safe
Amd
Search vendor "Amd"
Epyc 7313 Firmware
Search vendor "Amd" for product "Epyc 7313 Firmware"
< milanpi-sp3_1.0.0.4
Search vendor "Amd" for product "Epyc 7313 Firmware" and version " < milanpi-sp3_1.0.0.4"
-
Affected
in Amd
Search vendor "Amd"
Epyc 7313
Search vendor "Amd" for product "Epyc 7313"
--
Safe
Amd
Search vendor "Amd"
Epyc 7313p Firmware
Search vendor "Amd" for product "Epyc 7313p Firmware"
< milanpi-sp3_1.0.0.4
Search vendor "Amd" for product "Epyc 7313p Firmware" and version " < milanpi-sp3_1.0.0.4"
-
Affected
in Amd
Search vendor "Amd"
Epyc 7313p
Search vendor "Amd" for product "Epyc 7313p"
--
Safe
Amd
Search vendor "Amd"
Epyc 7343 Firmware
Search vendor "Amd" for product "Epyc 7343 Firmware"
< milanpi-sp3_1.0.0.4
Search vendor "Amd" for product "Epyc 7343 Firmware" and version " < milanpi-sp3_1.0.0.4"
-
Affected
in Amd
Search vendor "Amd"
Epyc 7343
Search vendor "Amd" for product "Epyc 7343"
--
Safe
Amd
Search vendor "Amd"
Epyc 73f3 Firmware
Search vendor "Amd" for product "Epyc 73f3 Firmware"
< milanpi-sp3_1.0.0.4
Search vendor "Amd" for product "Epyc 73f3 Firmware" and version " < milanpi-sp3_1.0.0.4"
-
Affected
in Amd
Search vendor "Amd"
Epyc 73f3
Search vendor "Amd" for product "Epyc 73f3"
--
Safe
Amd
Search vendor "Amd"
Epyc 7413 Firmware
Search vendor "Amd" for product "Epyc 7413 Firmware"
< milanpi-sp3_1.0.0.4
Search vendor "Amd" for product "Epyc 7413 Firmware" and version " < milanpi-sp3_1.0.0.4"
-
Affected
in Amd
Search vendor "Amd"
Epyc 7413
Search vendor "Amd" for product "Epyc 7413"
--
Safe
Amd
Search vendor "Amd"
Epyc 7443 Firmware
Search vendor "Amd" for product "Epyc 7443 Firmware"
< milanpi-sp3_1.0.0.4
Search vendor "Amd" for product "Epyc 7443 Firmware" and version " < milanpi-sp3_1.0.0.4"
-
Affected
in Amd
Search vendor "Amd"
Epyc 7443
Search vendor "Amd" for product "Epyc 7443"
--
Safe
Amd
Search vendor "Amd"
Epyc 7443p Firmware
Search vendor "Amd" for product "Epyc 7443p Firmware"
< milanpi-sp3_1.0.0.4
Search vendor "Amd" for product "Epyc 7443p Firmware" and version " < milanpi-sp3_1.0.0.4"
-
Affected
in Amd
Search vendor "Amd"
Epyc 7443p
Search vendor "Amd" for product "Epyc 7443p"
--
Safe
Amd
Search vendor "Amd"
Epyc 7453 Firmware
Search vendor "Amd" for product "Epyc 7453 Firmware"
< milanpi-sp3_1.0.0.4
Search vendor "Amd" for product "Epyc 7453 Firmware" and version " < milanpi-sp3_1.0.0.4"
-
Affected
in Amd
Search vendor "Amd"
Epyc 7453
Search vendor "Amd" for product "Epyc 7453"
--
Safe
Amd
Search vendor "Amd"
Epyc 74f3 Firmware
Search vendor "Amd" for product "Epyc 74f3 Firmware"
< milanpi-sp3_1.0.0.4
Search vendor "Amd" for product "Epyc 74f3 Firmware" and version " < milanpi-sp3_1.0.0.4"
-
Affected
in Amd
Search vendor "Amd"
Epyc 74f3
Search vendor "Amd" for product "Epyc 74f3"
--
Safe
Amd
Search vendor "Amd"
Epyc 7513 Firmware
Search vendor "Amd" for product "Epyc 7513 Firmware"
< milanpi-sp3_1.0.0.4
Search vendor "Amd" for product "Epyc 7513 Firmware" and version " < milanpi-sp3_1.0.0.4"
-
Affected
in Amd
Search vendor "Amd"
Epyc 7513
Search vendor "Amd" for product "Epyc 7513"
--
Safe
Amd
Search vendor "Amd"
Epyc 7543 Firmware
Search vendor "Amd" for product "Epyc 7543 Firmware"
< milanpi-sp3_1.0.0.4
Search vendor "Amd" for product "Epyc 7543 Firmware" and version " < milanpi-sp3_1.0.0.4"
-
Affected
in Amd
Search vendor "Amd"
Epyc 7543
Search vendor "Amd" for product "Epyc 7543"
--
Safe
Amd
Search vendor "Amd"
Epyc 7543p Firmware
Search vendor "Amd" for product "Epyc 7543p Firmware"
< milanpi-sp3_1.0.0.4
Search vendor "Amd" for product "Epyc 7543p Firmware" and version " < milanpi-sp3_1.0.0.4"
-
Affected
in Amd
Search vendor "Amd"
Epyc 7543p
Search vendor "Amd" for product "Epyc 7543p"
--
Safe
Amd
Search vendor "Amd"
Epyc 75f3 Firmware
Search vendor "Amd" for product "Epyc 75f3 Firmware"
< milanpi-sp3_1.0.0.4
Search vendor "Amd" for product "Epyc 75f3 Firmware" and version " < milanpi-sp3_1.0.0.4"
-
Affected
in Amd
Search vendor "Amd"
Epyc 75f3
Search vendor "Amd" for product "Epyc 75f3"
--
Safe
Amd
Search vendor "Amd"
Epyc 7643 Firmware
Search vendor "Amd" for product "Epyc 7643 Firmware"
< milanpi-sp3_1.0.0.4
Search vendor "Amd" for product "Epyc 7643 Firmware" and version " < milanpi-sp3_1.0.0.4"
-
Affected
in Amd
Search vendor "Amd"
Epyc 7643
Search vendor "Amd" for product "Epyc 7643"
--
Safe
Amd
Search vendor "Amd"
Epyc 7663 Firmware
Search vendor "Amd" for product "Epyc 7663 Firmware"
< milanpi-sp3_1.0.0.4
Search vendor "Amd" for product "Epyc 7663 Firmware" and version " < milanpi-sp3_1.0.0.4"
-
Affected
in Amd
Search vendor "Amd"
Epyc 7663
Search vendor "Amd" for product "Epyc 7663"
--
Safe
Amd
Search vendor "Amd"
Epyc 7713 Firmware
Search vendor "Amd" for product "Epyc 7713 Firmware"
< milanpi-sp3_1.0.0.4
Search vendor "Amd" for product "Epyc 7713 Firmware" and version " < milanpi-sp3_1.0.0.4"
-
Affected
in Amd
Search vendor "Amd"
Epyc 7713
Search vendor "Amd" for product "Epyc 7713"
--
Safe
Amd
Search vendor "Amd"
Epyc 7713p Firmware
Search vendor "Amd" for product "Epyc 7713p Firmware"
< milanpi-sp3_1.0.0.4
Search vendor "Amd" for product "Epyc 7713p Firmware" and version " < milanpi-sp3_1.0.0.4"
-
Affected
in Amd
Search vendor "Amd"
Epyc 7713p
Search vendor "Amd" for product "Epyc 7713p"
--
Safe
Amd
Search vendor "Amd"
Epyc 7763 Firmware
Search vendor "Amd" for product "Epyc 7763 Firmware"
< milanpi-sp3_1.0.0.4
Search vendor "Amd" for product "Epyc 7763 Firmware" and version " < milanpi-sp3_1.0.0.4"
-
Affected
in Amd
Search vendor "Amd"
Epyc 7763
Search vendor "Amd" for product "Epyc 7763"
--
Safe