Access Control Flaws in AMD Ryzen Processors
CVE-2018-8932

9CRITICAL

Key Information:

Vendor
Amd
Status
Ryzen Pro Firmware
Vendor
CVE Published:
22 March 2018

Summary

AMD Ryzen and Ryzen Pro processors are affected by access control vulnerabilities that compromise the Secure Processor. This allows unauthorized access to sensitive data and processing capabilities, potentially leading to further exploitation. The issues are classified under the RYZENFALL vulnerabilities, which demonstrate the need for robust security practices in hardware design. Users and organizations relying on these processors should ensure they are informed about possible risks and consider implementing mitigations as recommended by AMD.

References

https://amdflaws.com/
x_refsource_MISC
https://blog.trailofbits.com/2018/03/15/amd-flaws-technic...
x_refsource_MISC
https://community.amd.com/community/amd-corporate/blog/20...
x_refsource_MISC

CVSS V3.1

Score:
9
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.