Privilege Escalation in AMD EPYC and Ryzen Products
CVE-2018-8936
9CRITICAL
Summary
The vulnerability arises in AMD's EPYC, Ryzen, Ryzen Pro, and Ryzen Mobile processor families where the Platform Security Processor (PSP) can be exploited to gain elevated privileges. This security issue could allow unauthorized users to execute arbitrary code within a privileged context, therefore posing a significant risk to systems utilizing these processors. Analysts and researchers have raised concerns regarding the potential implications, urging users to remain vigilant and apply necessary mitigations as they are made available.
References
CVSS V3.1
Score:
9
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved