Access Control Weakness in AMD Secure Processor Products
CVE-2021-46747

7.1HIGH

Key Information:

Vendor: Amd
Status: Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics; Amd Ryzen™ Threadripper™ Pro 3000 Wx-series Processors; Amd Ryzen™ 5000 Series Desktop Processors With Radeon™ Graphics; Amd Ryzen™ Threadripper™ Pro 5000 Wx-series Processors
Vendor: CVE Published:; 1 June 2026

What is CVE-2021-46747?

The AMD Secure Processor exhibits insufficient granularity in its access control mechanisms, allowing untrusted user space applications to potentially map sensitive System Management Network (SMN) apertures. This vulnerability could enable unauthorized users to escalate their privileges, posing a significant risk to system security and data integrity. It is essential for users of affected products to implement necessary security measures and updates to mitigate these risks.

Affected Version(s)

AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics ComboAM4v2 PI 1.2.0.8

AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics PicassoPI-FP5 1.0.0.E

AMD Radeon™ PRO V520 Contact your AMD Customer Engineering representative

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 1, 2026
Vulnerability Reserved
Mar 31, 2022

CVE-2021-46747 Data

JSON

Amd

What is CVE-2021-46747?

Affected Version(s)

References

CVSS V4

Timeline