CVE-2021-46766

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.

La limpieza inadecuada de datos confidenciales en el ASP Bootloader puede exponer claves secretas a un atacante privilegiado que acceda a ASP SRAM, lo que podría provocar una pérdida de confidencialidad.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Attack Vector

Local

Attack Complexity

High

Privileges Required

High

User Interaction

None

Scope

Changed

Confidentiality

Low

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-03-31 CVE Reserved
2023-11-14 CVE Published
2024-02-14 EPSS Updated
2024-08-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-459: Incomplete Cleanup

CAPEC

References (3)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002	2024-06-18
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002	2024-06-18
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001	2024-06-18

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Amd Search vendor "Amd"	Epyc 9654p Firmware Search vendor "Amd" for product "Epyc 9654p Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9654p Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9654p Search vendor "Amd" for product "Epyc 9654p"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9654 Firmware Search vendor "Amd" for product "Epyc 9654 Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9654 Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9654 Search vendor "Amd" for product "Epyc 9654"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9634 Firmware Search vendor "Amd" for product "Epyc 9634 Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9634 Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9634 Search vendor "Amd" for product "Epyc 9634"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9554p Firmware Search vendor "Amd" for product "Epyc 9554p Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9554p Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9554p Search vendor "Amd" for product "Epyc 9554p"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9554 Firmware Search vendor "Amd" for product "Epyc 9554 Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9554 Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9554 Search vendor "Amd" for product "Epyc 9554"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9534 Firmware Search vendor "Amd" for product "Epyc 9534 Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9534 Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9534 Search vendor "Amd" for product "Epyc 9534"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9474f Firmware Search vendor "Amd" for product "Epyc 9474f Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9474f Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9474f Search vendor "Amd" for product "Epyc 9474f"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9454p Firmware Search vendor "Amd" for product "Epyc 9454p Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9454p Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9454p Search vendor "Amd" for product "Epyc 9454p"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9454 Firmware Search vendor "Amd" for product "Epyc 9454 Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9454 Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9454 Search vendor "Amd" for product "Epyc 9454"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9374f Firmware Search vendor "Amd" for product "Epyc 9374f Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9374f Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9374f Search vendor "Amd" for product "Epyc 9374f"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9354p Firmware Search vendor "Amd" for product "Epyc 9354p Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9354p Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9354p Search vendor "Amd" for product "Epyc 9354p"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9354 Firmware Search vendor "Amd" for product "Epyc 9354 Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9354 Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9354 Search vendor "Amd" for product "Epyc 9354"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9334 Firmware Search vendor "Amd" for product "Epyc 9334 Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9334 Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9334 Search vendor "Amd" for product "Epyc 9334"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9274f Firmware Search vendor "Amd" for product "Epyc 9274f Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9274f Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9274f Search vendor "Amd" for product "Epyc 9274f"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9254 Firmware Search vendor "Amd" for product "Epyc 9254 Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9254 Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9254 Search vendor "Amd" for product "Epyc 9254"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9224 Firmware Search vendor "Amd" for product "Epyc 9224 Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9224 Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9224 Search vendor "Amd" for product "Epyc 9224"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9174f Firmware Search vendor "Amd" for product "Epyc 9174f Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9174f Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9174f Search vendor "Amd" for product "Epyc 9174f"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9124 Firmware Search vendor "Amd" for product "Epyc 9124 Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9124 Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9124 Search vendor "Amd" for product "Epyc 9124"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9684x Firmware Search vendor "Amd" for product "Epyc 9684x Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9684x Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9684x Search vendor "Amd" for product "Epyc 9684x"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9384x Firmware Search vendor "Amd" for product "Epyc 9384x Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9384x Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9384x Search vendor "Amd" for product "Epyc 9384x"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9184x Firmware Search vendor "Amd" for product "Epyc 9184x Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9184x Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9184x Search vendor "Amd" for product "Epyc 9184x"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9754 Firmware Search vendor "Amd" for product "Epyc 9754 Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9754 Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9754 Search vendor "Amd" for product "Epyc 9754"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9754s Firmware Search vendor "Amd" for product "Epyc 9754s Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9754s Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9754s Search vendor "Amd" for product "Epyc 9754s"	-	-	Safe
Amd Search vendor "Amd"	Epyc 9734 Firmware Search vendor "Amd" for product "Epyc 9734 Firmware"	< genoapi_1.0.0.4 Search vendor "Amd" for product "Epyc 9734 Firmware" and version " < genoapi_1.0.0.4"	-	Affected	in	Amd Search vendor "Amd"	Epyc 9734 Search vendor "Amd" for product "Epyc 9734"	-	-	Safe
Amd Search vendor "Amd"	Ryzen Threadripper Pro 3995wx Firmware Search vendor "Amd" for product "Ryzen Threadripper Pro 3995wx Firmware"	< chagallwspi-swrx8_1.0.0.5 Search vendor "Amd" for product "Ryzen Threadripper Pro 3995wx Firmware" and version " < chagallwspi-swrx8_1.0.0.5"	-	Affected	in	Amd Search vendor "Amd"	Ryzen Threadripper Pro 3995wx Search vendor "Amd" for product "Ryzen Threadripper Pro 3995wx"	-	-	Safe
Amd Search vendor "Amd"	Ryzen Threadripper Pro 3975wx Firmware Search vendor "Amd" for product "Ryzen Threadripper Pro 3975wx Firmware"	< chagallwspi-swrx8_1.0.0.5 Search vendor "Amd" for product "Ryzen Threadripper Pro 3975wx Firmware" and version " < chagallwspi-swrx8_1.0.0.5"	-	Affected	in	Amd Search vendor "Amd"	Ryzen Threadripper Pro 3975wx Search vendor "Amd" for product "Ryzen Threadripper Pro 3975wx"	-	-	Safe
Amd Search vendor "Amd"	Ryzen Threadripper Pro 3955wx Firmware Search vendor "Amd" for product "Ryzen Threadripper Pro 3955wx Firmware"	< chagallwspi-swrx8_1.0.0.5 Search vendor "Amd" for product "Ryzen Threadripper Pro 3955wx Firmware" and version " < chagallwspi-swrx8_1.0.0.5"	-	Affected	in	Amd Search vendor "Amd"	Ryzen Threadripper Pro 3955wx Search vendor "Amd" for product "Ryzen Threadripper Pro 3955wx"	-	-	Safe
Amd Search vendor "Amd"	Ryzen Threadripper Pro 3945wx Firmware Search vendor "Amd" for product "Ryzen Threadripper Pro 3945wx Firmware"	< chagallwspi-swrx8_1.0.0.5 Search vendor "Amd" for product "Ryzen Threadripper Pro 3945wx Firmware" and version " < chagallwspi-swrx8_1.0.0.5"	-	Affected	in	Amd Search vendor "Amd"	Ryzen Threadripper Pro 3945wx Search vendor "Amd" for product "Ryzen Threadripper Pro 3945wx"	-	-	Safe