Backdoor Firmware Vulnerability in AMD Ryzen Platforms
CVE-2018-8934

9CRITICAL

Key Information:

Vendor

Amd
Status
Ryzen Pro Firmware
Vendor
CVE Published:
22 March 2018

What is CVE-2018-8934?

The Promontory chipset utilized in AMD Ryzen and Ryzen Pro platforms is subject to a significant security flaw that introduces a backdoor in the firmware, identified as CHIMERA-FW. This vulnerability could potentially allow unauthorized access to sensitive information and system controls, posing a serious risk to users and organizations that rely on these platforms. It highlights the importance of ongoing security assessments and firmware updates to mitigate such vulnerabilities.

References

https://amdflaws.com/
x_refsource_MISC
https://blog.trailofbits.com/2018/03/15/amd-flaws-technic...
x_refsource_MISC
https://community.amd.com/community/amd-corporate/blog/20...
x_refsource_MISC

CVSS V3.1

Score:
9
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.