Vulnerabilities > CVE-2021-46766 - Incomplete Cleanup vulnerability in AMD products

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

amd

CWE-459

NVD

Published: 2023-11-14

Updated: 2024-06-18

Summary

Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.

Vulnerable Configurations

Part	Description	Count
OS	Amd AMD Epyc 9654P Firmware - AMD Epyc 9654P Firmware Genoapi_1.0.0.0 AMD Epyc 9654P Firmware Genoapi_1.0.0.1 AMD Epyc 9654P Firmware Genoapi_1.0.0.3 AMD Epyc 9654 Firmware - AMD Epyc 9654 Firmware Genoapi_1.0.0.0 AMD Epyc 9654 Firmware Genoapi_1.0.0.1 AMD Epyc 9654 Firmware Genoapi_1.0.0.3 AMD Epyc 9634 Firmware - AMD Epyc 9634 Firmware Genoapi_1.0.0.0 AMD Epyc 9634 Firmware Genoapi_1.0.0.1 AMD Epyc 9634 Firmware Genoapi_1.0.0.3 AMD Epyc 9554P Firmware - AMD Epyc 9554P Firmware Genoapi_1.0.0.0 AMD Epyc 9554P Firmware Genoapi_1.0.0.1 AMD Epyc 9554P Firmware Genoapi_1.0.0.3 AMD Epyc 9554 Firmware - AMD Epyc 9554 Firmware Genoapi_1.0.0.0 AMD Epyc 9554 Firmware Genoapi_1.0.0.1 AMD Epyc 9554 Firmware Genoapi_1.0.0.3 AMD Epyc 9534 Firmware - AMD Epyc 9534 Firmware Genoapi_1.0.0.0 AMD Epyc 9534 Firmware Genoapi_1.0.0.1 AMD Epyc 9534 Firmware Genoapi_1.0.0.3 AMD Epyc 9474F Firmware - AMD Epyc 9474F Firmware Genoapi_1.0.0.0 AMD Epyc 9474F Firmware Genoapi_1.0.0.1 AMD Epyc 9474F Firmware Genoapi_1.0.0.3 AMD Epyc 9454P Firmware - AMD Epyc 9454P Firmware Genoapi_1.0.0.0 AMD Epyc 9454P Firmware Genoapi_1.0.0.1 AMD Epyc 9454P Firmware Genoapi_1.0.0.3 AMD Epyc 9454 Firmware - AMD Epyc 9454 Firmware Genoapi_1.0.0.0 AMD Epyc 9454 Firmware Genoapi_1.0.0.1 AMD Epyc 9454 Firmware Genoapi_1.0.0.3 AMD Epyc 9374F Firmware - AMD Epyc 9374F Firmware Genoapi_1.0.0.0 AMD Epyc 9374F Firmware Genoapi_1.0.0.1 AMD Epyc 9374F Firmware Genoapi_1.0.0.3 AMD Epyc 9354P Firmware - AMD Epyc 9354P Firmware Genoapi_1.0.0.0 AMD Epyc 9354P Firmware Genoapi_1.0.0.1 AMD Epyc 9354P Firmware Genoapi_1.0.0.3 AMD Epyc 9354 Firmware - AMD Epyc 9354 Firmware Genoapi_1.0.0.0 AMD Epyc 9354 Firmware Genoapi_1.0.0.1 AMD Epyc 9354 Firmware Genoapi_1.0.0.3 AMD Epyc 9334 Firmware - AMD Epyc 9334 Firmware Genoapi_1.0.0.0 AMD Epyc 9334 Firmware Genoapi_1.0.0.1 AMD Epyc 9334 Firmware Genoapi_1.0.0.3 AMD Epyc 9274F Firmware - AMD Epyc 9274F Firmware Genoapi_1.0.0.0 AMD Epyc 9274F Firmware Genoapi_1.0.0.1 AMD Epyc 9274F Firmware Genoapi_1.0.0.3 AMD Epyc 9254 Firmware - AMD Epyc 9254 Firmware Genoapi_1.0.0.0 AMD Epyc 9254 Firmware Genoapi_1.0.0.1 AMD Epyc 9254 Firmware Genoapi_1.0.0.3 AMD Epyc 9224 Firmware - AMD Epyc 9224 Firmware Genoapi_1.0.0.0 AMD Epyc 9224 Firmware Genoapi_1.0.0.1 AMD Epyc 9224 Firmware Genoapi_1.0.0.3 AMD Epyc 9174F Firmware - AMD Epyc 9174F Firmware Genoapi_1.0.0.0 AMD Epyc 9174F Firmware Genoapi_1.0.0.1 AMD Epyc 9174F Firmware Genoapi_1.0.0.3 AMD Epyc 9124 Firmware - AMD Epyc 9124 Firmware Genoapi_1.0.0.0 AMD Epyc 9124 Firmware Genoapi_1.0.0.1 AMD Epyc 9124 Firmware Genoapi_1.0.0.3 AMD Epyc 9684X Firmware - AMD Epyc 9684X Firmware Genoapi_1.0.0.0 AMD Epyc 9684X Firmware Genoapi_1.0.0.1 AMD Epyc 9684X Firmware Genoapi_1.0.0.3 AMD Epyc 9384X Firmware - AMD Epyc 9384X Firmware Genoapi_1.0.0.0 AMD Epyc 9384X Firmware Genoapi_1.0.0.1 AMD Epyc 9384X Firmware Genoapi_1.0.0.3 AMD Epyc 9184X Firmware - AMD Epyc 9184X Firmware Genoapi_1.0.0.0 AMD Epyc 9184X Firmware Genoapi_1.0.0.1 AMD Epyc 9184X Firmware Genoapi_1.0.0.3 AMD Epyc 9754 Firmware - AMD Epyc 9754 Firmware Genoapi_1.0.0.0 AMD Epyc 9754 Firmware Genoapi_1.0.0.1 AMD Epyc 9754 Firmware Genoapi_1.0.0.3 AMD Epyc 9754S Firmware - AMD Epyc 9754S Firmware Genoapi_1.0.0.0 AMD Epyc 9754S Firmware Genoapi_1.0.0.1 AMD Epyc 9754S Firmware Genoapi_1.0.0.3 AMD Epyc 9734 Firmware - AMD Epyc 9734 Firmware Genoapi_1.0.0.0 AMD Epyc 9734 Firmware Genoapi_1.0.0.1 AMD Epyc 9734 Firmware Genoapi_1.0.0.3 AMD Ryzen Threadripper PRO 3995Wx Firmware - AMD Ryzen Threadripper PRO 3995Wx Firmware Castlepeakpi-Sp3R2_1.1.0.8 AMD Ryzen Threadripper PRO 3995Wx Firmware Castlepeakwspi-Swrx8_1.0.0.9 AMD Ryzen Threadripper PRO 3995Wx Firmware Castlepeakwspi-Swrx8_1.0.0.A AMD Ryzen Threadripper PRO 3995Wx Firmware Chagallwspi-Swrx8_1.0.0.4 AMD Ryzen Threadripper PRO 3975Wx Firmware - AMD Ryzen Threadripper PRO 3975Wx Firmware Castlepeakpi-Sp3R2_1.1.0.8 AMD Ryzen Threadripper PRO 3975Wx Firmware Castlepeakwspi-Swrx8_1.0.0.9 AMD Ryzen Threadripper PRO 3975Wx Firmware Castlepeakwspi-Swrx8_1.0.0.A AMD Ryzen Threadripper PRO 3975Wx Firmware Chagallwspi-Swrx8_1.0.0.4 AMD Ryzen Threadripper PRO 3955Wx Firmware - AMD Ryzen Threadripper PRO 3955Wx Firmware Castlepeakpi-Sp3R2_1.1.0.8 AMD Ryzen Threadripper PRO 3955Wx Firmware Castlepeakwspi-Swrx8_1.0.0.9 AMD Ryzen Threadripper PRO 3955Wx Firmware Castlepeakwspi-Swrx8_1.0.0.A AMD Ryzen Threadripper PRO 3955Wx Firmware Chagallwspi-Swrx8_1.0.0.4 AMD Ryzen Threadripper PRO 3945Wx Firmware - AMD Ryzen Threadripper PRO 3945Wx Firmware Castlepeakpi-Sp3R2_1.1.0.8 AMD Ryzen Threadripper PRO 3945Wx Firmware Castlepeakwspi-Swrx8_1.0.0.9 AMD Ryzen Threadripper PRO 3945Wx Firmware Castlepeakwspi-Swrx8_1.0.0.A AMD Ryzen Threadripper PRO 3945Wx Firmware Chagallwspi-Swrx8_1.0.0.4	116
Hardware	Amd AMD Epyc 9654P - AMD Epyc 9654 - AMD Epyc 9634 - AMD Epyc 9554P - AMD Epyc 9554 - AMD Epyc 9534 - AMD Epyc 9474F - AMD Epyc 9454P - AMD Epyc 9454 - AMD Epyc 9374F - AMD Epyc 9354P - AMD Epyc 9354 - AMD Epyc 9334 - AMD Epyc 9274F - AMD Epyc 9254 - AMD Epyc 9224 - AMD Epyc 9174F - AMD Epyc 9124 - AMD Epyc 9684X - AMD Epyc 9384X - AMD Epyc 9184X - AMD Epyc 9754 - AMD Epyc 9754S - AMD Epyc 9734 - AMD Ryzen Threadripper PRO 3995Wx - AMD Ryzen Threadripper PRO 3975Wx - AMD Ryzen Threadripper PRO 3955Wx - AMD Ryzen Threadripper PRO 3945Wx -	28

Common Weakness Enumeration (CWE)

CWE-459 - Incomplete Cleanup

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References