Vulnerabilities > CVE-2021-46771 - Unspecified vulnerability in AMD products

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

amd

NVD

Published: 2022-05-10

Updated: 2022-05-16

Summary

Insufficient validation of addresses in AMD Secure Processor (ASP) firmware system call may potentially lead to arbitrary code execution by a compromised user application.

Vulnerable Configurations

Part	Description	Count
OS	Amd AMD Epyc 7763 Firmware - AMD Epyc 7713P Firmware - AMD Epyc 7713 Firmware - AMD Epyc 7663 Firmware - AMD Epyc 7643 Firmware - AMD Epyc 75F3 Firmware - AMD Epyc 7543P Firmware - AMD Epyc 7543 Firmware - AMD Epyc 7513 Firmware - AMD Epyc 7453 Firmware - AMD Epyc 74F3 Firmware - AMD Epyc 7443P Firmware - AMD Epyc 7443 Firmware - AMD Epyc 7413 Firmware - AMD Epyc 73F3 Firmware - AMD Epyc 7343 Firmware - AMD Epyc 7313P Firmware - AMD Epyc 7313 Firmware - AMD Epyc 72F3 Firmware - AMD Epyc 7773X Firmware * AMD Epyc 7473X Firmware * AMD Epyc 7573X Firmware * AMD Epyc 7373X Firmware *	23
Hardware	Amd AMD Epyc 7763 - AMD Epyc 7713P - AMD Epyc 7713 - AMD Epyc 7663 - AMD Epyc 7643 - AMD Epyc 75F3 - AMD Epyc 7543P - AMD Epyc 7543 - AMD Epyc 7513 - AMD Epyc 7453 - AMD Epyc 74F3 - AMD Epyc 7443P - AMD Epyc 7443 - AMD Epyc 7413 - AMD Epyc 73F3 - AMD Epyc 7343 - AMD Epyc 7313P - AMD Epyc 7313 - AMD Epyc 72F3 - AMD Epyc 7773X - AMD Epyc 7473X - AMD Epyc 7573X - AMD Epyc 7373X -	23

References

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021