CVE-2021-26344

Aug. 13, 2024, 5:15 p.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

AMD BIOS Firmware

Source

psirt@amd.com

Tags

CVE-2021-26344 details

Published : Aug. 13, 2024, 5:15 p.m.
Last Modified : Aug. 13, 2024, 5:15 p.m.

Description

An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker with access the ability to modify the BIOS image, and the ability to sign the resulting image, to potentially modify the APCB block resulting in arbitrary code execution.

CVSS Score

1 2 3 4 5 6 7.2 8 9 10

Weakness

Weakness Name Description

CVSS Data

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

7.2

Exploitability Score

0.6

Impact Score

6.0

Base Severity

HIGH

This website uses the NVD API, but is not approved or certified by it.