CVE-2024-21981
CVE-2024-21981
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.7EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Ciclo de vida
13 ago 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Improper key usage control in AMD Secure Processor
(ASP) may allow an attacker with local access who has gained arbitrary code
execution privilege in ASP to
extract ASP cryptographic keys, potentially resulting in loss of
confidentiality and integrity.
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
Productos afectados
AMD · AMD Athlon™ 3000 Series Desktop Processors with Radeon™ GraphicsAMD · AMD Athlon™ 3000 Series Mobile Processors with Radeon™ GraphicsAMD · AMD EPYC™ 7001 Series ProcessorsAMD · AMD EPYC™ 7002 Series ProcessorsAMD · AMD EPYC™ 7003 Series ProcessorsAMD · AMD EPYC™ Embedded 3000 Series ProcessorsAMD · AMD EPYC™ Embedded 7002 Series ProcessorsAMD · AMD EPYC™ Embedded 7003 Series ProcessorsAMD · AMD Ryzen™ 3000 Series Desktop ProcessorsAMD · AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ GraphicsAMD · AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ GraphicsAMD · AMD Ryzen™ 5000 Series Desktop ProcessorsAMD · AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ GraphicsAMD · AMD Ryzen™ Embedded 5000 Series ProcessorsAMD · AMD Ryzen™ Embedded R1000 Series ProcessorsAMD · AMD Ryzen™ Embedded R2000 Series ProcessorsAMD · AMD Ryzen™ Embedded V1000 Series ProcessorsAMD · AMD Ryzen™ Threadripper™ 3000 Series ProcessorsAMD · AMD Ryzen™ Threadripper™ PRO 3000WX Series ProcessorsAMD · AMD Ryzen™ Threadripper™ PRO 5000WX Processors¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →