CVE-2021-26383

CVSS 7.9 HIGHEPSS 0.2%CWE-787

Vexday Risk Score

21Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 7.9EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

05 sep 2025Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

Insufficient bounds checking in AMD TEE (Trusted Execution Environment) could allow an attacker with a compromised userspace to invoke a command with malformed arguments leading to out of bounds memory access, potentially resulting in loss of integrity or availability.

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H

Productos afectados

AMD · AMD Instinct™ MI210 AMD · AMD Instinct™ MI250 AMD · AMD Radeon™ PRO V520 Graphics Products AMD · AMD Radeon™ PRO V620 Graphics Products AMD · AMD Radeon™ PRO W5000 Series Graphics Products AMD · AMD Radeon™ PRO W6000 Series Graphics Products AMD · AMD Radeon™ RX 5000 Series Graphics Products AMD · AMD Radeon™ RX 6000 Series Graphics Products AMD · AMD Ryzen™ 4000 Series Desktop Processors AMD · AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics AMD · AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics AMD · AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics AMD · AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics AMD · AMD Ryzen™ Embedded V2000 Series Processors

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4012.html https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6018.html