CVE-2021-46766
2.5LOW
Key Information
- Vendor
- Amd
- Status
- Ryzen™ Threadripper™ Pro 3000wx Series Processors “chagall” Ws
- 4th Gen Amd Epyc™ Processors
- Amd Epyc™ Embedded 9003
- Vendor
- CVE Published:
- 14 November 2023
Summary
Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.
Affected Version(s)
Ryzen™ Threadripper™ PRO 3000WX Series Processors “Chagall” WS = various
4th Gen AMD EPYC™ Processors = various
AMD EPYC™ Embedded 9003 = various
CVSS V3.1
Score:
2.5
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Changed
Timeline
Risk change from: 5.5 to: 2.5 - (LOW)
Risk change from: 5.5 to: 2.5 - (LOW)
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database