Vulnerabilities > AMD > Ryzen PRO Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-13 | CVE-2021-26318 | Information Exposure Through Discrepancy vulnerability in AMD products A timing and power-based side channel attack leveraging the x86 PREFETCH instructions on some AMD CPUs could potentially result in leaked kernel address space information. | 1.9 |
| 2018-03-22 | CVE-2018-8936 | Unspecified vulnerability in AMD products The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips allow Platform Security Processor (PSP) privilege escalation. | 9.3 |
| 2018-03-22 | CVE-2018-8935 | Unspecified vulnerability in AMD Ryzen Firmware and Ryzen PRO Firmware The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in the ASIC, aka CHIMERA-HW. | 9.3 |
| 2018-03-22 | CVE-2018-8934 | Unspecified vulnerability in AMD Ryzen Firmware and Ryzen PRO Firmware The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in firmware, aka CHIMERA-FW. | 9.3 |
| 2018-03-22 | CVE-2018-8932 | Incorrect Permission Assignment for Critical Resource vulnerability in AMD Ryzen Firmware and Ryzen PRO Firmware The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and RYZENFALL-4. | 9.3 |
| 2018-03-22 | CVE-2018-8931 | Incorrect Permission Assignment for Critical Resource vulnerability in AMD products The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-1. | 9.3 |
| 2018-03-22 | CVE-2018-8930 | Unspecified vulnerability in AMD products The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka MASTERKEY-1, MASTERKEY-2, and MASTERKEY-3. | 9.3 |