← back
CVE-2021-26343

CVE-2021-26343

CVSS 5.5 MEDIUMEPSS 0.2%CWE-668
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.5EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
10 Jan 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Insufficient validation in ASP BIOS and DRTM commands may allow malicious supervisor x86 software to disclose the contents of sensitive memory which may result in information disclosure.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected products
AMD · 3rd Gen EPYC

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032