Vector Strings

Severity Score: 7.8
Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9

Access Vector (AV):
Access Complexity (AC):
Authentication (AU): LOW
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

Published Date: 2021-11-16
Last Modified: 2021-11-18

CVE-2021-26315

About:
When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently decrypts an encrypted FW, due to insufficient verification of the integrity of decrypted image, arbitrary code may be executed in the PSP when encrypted firmware images are used.

References

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021

Related CVEs

No related CVEs.

Empower Your Security Strategy with Rainforest

Discover vulnerabilities early, prioritize critical threats, and protect what truly matters. Rainforest streamlines your security operations, saving you time and reducing costs, so you can focus on what drives your business forward.

Book a Demo