Vulnerabilidades en AMD
443 resultadosCVE-2025-54518HIGHImproper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructionEPSS 0.3%CVE-2021-26331—AMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox entries leading to arbiEPSS 0.3%CVE-2021-26401—LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.EPSS 0.3%CVE-2021-46759MEDIUMImproper syscall input validation in AMD TEE
(Trusted Execution Environment) may allow an attacker with physical access and
control of a UapEPSS 0.3%CVE-2021-46771—Insufficient validation of addresses in AMD Secure Processor (ASP) firmware system call may potentially lead to arbitrary code execution by EPSS 0.3%CVE-2024-36348LOWA transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIEPSS 0.3%CVE-2020-12890—Improper handling of pointers in the System Management Mode (SMM) handling code may allow for a privileged attacker with physical or adminisEPSS 0.3%CVE-2020-12981—An insufficient input validation in the AMD Graphics Driver for Windows 10 may allow unprivileged users to unload the driver, potentially caEPSS 0.3%CVE-2020-12987—A heap information leak/kernel pool address disclosure vulnerability in the AMD Graphics Driver for Windows 10 may lead to KASLR bypass.EPSS 0.3%CVE-2021-46767MEDIUMInsufficient input validation in the ASP may allow an attacker with physical access, unauthorized write access to memory potentially leadingEPSS 0.3%CVE-2024-21957HIGHIncorrect default permissions in the AMD Management Console installation directory could allow an attacker to achieve privilege escalation pEPSS 0.3%CVE-2024-21958HIGHIncorrect default permissions in the AMD Provisioning Console installation directory could allow an attacker to achieve privilege escalationEPSS 0.3%CVE-2025-52533HIGHImproper Access Control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromiEPSS 0.3%CVE-2021-26317—Failure to verify the protocol in SMM may allow an attacker to control the protocol and modify SPI flash resulting in a potential arbitrary EPSS 0.3%CVE-2024-21974HIGHImproper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary cEPSS 0.3%CVE-2024-21976HIGHImproper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary cEPSS 0.3%CVE-2024-21975HIGHImproper input validation in the NPU driver could allow an attacker to supply a specially crafted pointer potentially leading to arbitrary cEPSS 0.3%CVE-2023-20583—Software based Power Side Channel on AMD CPUs EPSS 0.3%CVE-2021-26339—A bug in AMD CPU’s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting iEPSS 0.3%CVE-2021-26386—A malicious or compromised UApp or ABL may be used by an attacker to issue a malformed system call to the Stage 2 Bootloader potentially leaEPSS 0.3%