Access Control Vulnerability in AMD Ryzen Processors
CVE-2018-8931

9CRITICAL

Key Information:

Vendor

Amd
Status
Ryzen Mobile Firmware
Vendor
CVE Published:
22 March 2018

What is CVE-2018-8931?

The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips are impacted by a significant access control vulnerability affecting the Secure Processor module. This flaw, known as RYZENFALL-1, could potentially allow unauthorized access to sensitive system operations, compromising system integrity and security. The issue arises from inadequate protection measures, highlighting the necessity for robust access controls in modern processor designs. Users and organizations reliant on these processors are encouraged to implement recommended security practices to mitigate risks associated with this vulnerability.

References

https://amdflaws.com/
x_refsource_MISC
https://blog.trailofbits.com/2018/03/15/amd-flaws-technic...
x_refsource_MISC
https://community.amd.com/community/amd-corporate/blog/20...
x_refsource_MISC

CVSS V3.1

Score:
9
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2018-8931 : Access Control Vulnerability in AMD Ryzen Processors