Vulnerability-Lookup

CVE-2025-29949 (GCVE-0-2025-29949)

Vulnerability from cvelistv5 – Published: 2026-02-10 19:46 – Updated: 2026-02-10 20:40

Summary

Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service.

Severity

4.8 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-787 - Out-of-bounds Write

Assigner

AMD

References

1 reference

URL	Tags
https://www.amd.com/en/resources/product-security…

Impacted products

24 products

Vendor	Product	Version
AMD	AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics	Unaffected: RenoirPI-FP6_1.0.0.Ec
AMD	AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics	Unaffected: RembrandtPI-FP7_1.0.0.BD
AMD	AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics	Unaffected: PicassoPI-FP5_1.0.1.2c
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics	Unaffected: PhoenixPI-FP8-FP7_1.2.0.B
AMD	AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics	Unaffected: MendocinoPI-FT6_1.0.0.7c
AMD	AMD Ryzen™ 3000 Series Desktop Processors	Unaffected: ComboAM4v2PI_1.2.0.F
AMD	AMD Ryzen™ Threadripper™ PRO 3000WX Processors	Unaffected: ChagallWSPI-sWRX8 1.0.0.C Unaffected: CastlePeakWSPI-sWRX8 1.0.0.H
AMD	AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics	Unaffected: CezannePI-FP6_1.0.1.1c
AMD	AMD Ryzen™ Threadripper™ 3000 Processors	Unaffected: CastlePeakPI-SP3r3_1.0.0.F
AMD	AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors	Unaffected: ChagallWSPI-sWRX8 1.0.0.C
AMD	AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics	Unaffected: CezannePI-FP6_1.0.1.1c
AMD	AMD Ryzen™ 4000 Series Desktop Processors	Unaffected: ComboAM4v2PI_1.2.0.F
AMD	AMD Ryzen™ 5000 Series Desktop Processors	Unaffected: ComboAM4v2PI_1.2.0.F
AMD	AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics	Unaffected: ComboAM4v2PI_1.2.0.F
AMD	AMD Ryzen™ 3000 Series Desktop Processors	Unaffected: ComboAM4 1.0.0.F
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics	Unaffected: PhoenixPI-FP8-FP7_1.2.0.B
AMD	AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics	Unaffected: PicassoPI-FP5_1.0.1.2c
AMD	AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics	Unaffected: RembrandtPI-FP7_1.0.0.BD
AMD	AMD Ryzen™ Embedded R1000 Series Processors	Unaffected: EmbeddedPI-FP5 1211
AMD	AMD Ryzen™ Embedded R2000 Series Processors	Unaffected: EmbeddedR2KPI-FP5 1006
AMD	AMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge")	Unaffected: EmbeddedPI-FP5 1211
AMD	AMD Ryzen™ Embedded 8000 Series Processors	Unaffected: EmbeddedPhoenixPI-FP7r2_1.0.0.2
AMD	AMD Ryzen™ Embedded V2000 Series Processors	Unaffected: EmbeddedPI-FP6_1.0.0.D
AMD	AMD Ryzen™ Embedded V3000 Series Processors	Unaffected: EmbeddedPI-FP7r2_1.0.0.C

Date Public

2026-02-10 19:43

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-29949",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-10T20:40:30.330193Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-10T20:40:37.898Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RenoirPI-FP6_1.0.0.Ec"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RembrandtPI-FP7_1.0.0.BD"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PicassoPI-FP5_1.0.1.2c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PhoenixPI-FP8-FP7_1.2.0.B"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MendocinoPI-FT6_1.0.0.7c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI_1.2.0.F"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8 1.0.0.C"
            },
            {
              "status": "unaffected",
              "version": "CastlePeakWSPI-sWRX8 1.0.0.H"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6_1.0.1.1c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CastlePeakPI-SP3r3_1.0.0.F"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8 1.0.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6_1.0.1.1c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6_1.0.1.1c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI_1.2.0.F"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI_1.2.0.F"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI_1.2.0.F"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4 1.0.0.F"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PhoenixPI-FP8-FP7_1.2.0.B"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PicassoPI-FP5_1.0.1.2c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RembrandtPI-FP7_1.0.0.BD"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5 1211"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedR2KPI-FP5 1006"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5 1211"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPhoenixPI-FP7r2_1.0.0.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP6_1.0.0.D"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP7r2_1.0.0.C"
            }
          ]
        }
      ],
      "datePublic": "2026-02-10T19:43:33.690Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service.\u003cbr\u003e"
            }
          ],
          "value": "Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787  Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-10T19:46:42.763Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-29949",
    "datePublished": "2026-02-10T19:46:42.763Z",
    "dateReserved": "2025-03-12T15:15:04.911Z",
    "dateUpdated": "2026-02-10T20:40:37.898Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-29949",
      "date": "2026-06-17",
      "epss": "0.00134",
      "percentile": "0.03192"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-29949\",\"sourceIdentifier\":\"psirt@amd.com\",\"published\":\"2026-02-10T20:16:44.337\",\"lastModified\":\"2026-02-10T21:51:48.077\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"psirt@amd.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":4.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"LOW\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"psirt@amd.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"references\":[{\"url\":\"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html\",\"source\":\"psirt@amd.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-29949\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-02-10T20:40:30.330193Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-02-10T20:40:33.555Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 4.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 4000 Series Mobile Processors with Radeon\\u2122 Graphics\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"RenoirPI-FP6_1.0.0.Ec\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 7035 Series Processors with Radeon\\u2122 Graphics\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"RembrandtPI-FP7_1.0.0.BD\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Athlon\\u2122 3000 Series Mobile Processors with Radeon\\u2122 Graphics\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"PicassoPI-FP5_1.0.1.2c\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 7040 Series Mobile Processors with Radeon\\u2122 Graphics\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"PhoenixPI-FP8-FP7_1.2.0.B\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 7020 Series Processors with Radeon\\u2122 Graphics\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"MendocinoPI-FT6_1.0.0.7c\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 3000 Series Desktop Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"ComboAM4v2PI_1.2.0.F\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 Threadripper\\u2122 PRO 3000WX Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"ChagallWSPI-sWRX8 1.0.0.C\"}, {\"status\": \"unaffected\", \"version\": \"CastlePeakWSPI-sWRX8 1.0.0.H\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 7030 Series Mobile Processors with Radeon\\u2122 Graphics\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"CezannePI-FP6_1.0.1.1c\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 Threadripper\\u2122 3000 Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"CastlePeakPI-SP3r3_1.0.0.F\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 Threadripper\\u2122 PRO 5000 WX-Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"ChagallWSPI-sWRX8 1.0.0.C\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 5000 Series Mobile Processors with Radeon\\u2122 Graphics\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"CezannePI-FP6_1.0.1.1c\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 5000 Series Mobile Processors with Radeon\\u2122 Graphics\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"CezannePI-FP6_1.0.1.1c\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 4000 Series Desktop Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"ComboAM4v2PI_1.2.0.F\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 5000 Series Desktop Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"ComboAM4v2PI_1.2.0.F\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 5000 Series Desktop Processors with Radeon\\u2122 Graphics\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"ComboAM4v2PI_1.2.0.F\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 3000 Series Desktop Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"ComboAM4 1.0.0.F\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 8040 Series Mobile Processors with Radeon\\u2122 Graphics\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"PhoenixPI-FP8-FP7_1.2.0.B\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 3000 Series Mobile Processors with Radeon\\u2122 Graphics\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"PicassoPI-FP5_1.0.1.2c\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 6000 Series Processors with Radeon\\u2122 Graphics\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"RembrandtPI-FP7_1.0.0.BD\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 Embedded R1000 Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"EmbeddedPI-FP5 1211\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 Embedded R2000 Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"EmbeddedR2KPI-FP5 1006\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 Embedded V1000 Series Processors (formerly codenamed \\\"Raven Ridge\\\")\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"EmbeddedPI-FP5 1211\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 Embedded 8000 Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"EmbeddedPhoenixPI-FP7r2_1.0.0.2\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 Embedded V2000 Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"EmbeddedPI-FP6_1.0.0.D\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 Embedded V3000 Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"EmbeddedPI-FP7r2_1.0.0.C\"}], \"defaultStatus\": \"affected\"}], \"datePublic\": \"2026-02-10T19:43:33.690Z\", \"references\": [{\"url\": \"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html\"}], \"x_generator\": {\"engine\": \"AMD PSIRT Automation 1.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service.\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787  Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"b58fc414-a1e4-4f92-9d70-1add41838648\", \"shortName\": \"AMD\", \"dateUpdated\": \"2026-02-10T19:46:42.763Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-29949\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-10T20:40:37.898Z\", \"dateReserved\": \"2025-03-12T15:15:04.911Z\", \"assignerOrgId\": \"b58fc414-a1e4-4f92-9d70-1add41838648\", \"datePublished\": \"2026-02-10T19:46:42.763Z\", \"assignerShortName\": \"AMD\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

FKIE_CVE-2025-29949

Vulnerability from fkie_nvd - Published: 2026-02-10 20:16 - Updated: 2026-06-17 09:05

Severity

4.8 (Medium) - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Summary

References

	URL	Tags
	psirt@amd.com	https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "affected": [
    {
      "affectedData": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RenoirPI-FP6_1.0.0.Ec"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RembrandtPI-FP7_1.0.0.BD"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PicassoPI-FP5_1.0.1.2c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PhoenixPI-FP8-FP7_1.2.0.B"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MendocinoPI-FT6_1.0.0.7c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI_1.2.0.F"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8 1.0.0.C"
            },
            {
              "status": "unaffected",
              "version": "CastlePeakWSPI-sWRX8 1.0.0.H"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7030 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6_1.0.1.1c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CastlePeakPI-SP3r3_1.0.0.F"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8 1.0.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6_1.0.1.1c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6_1.0.1.1c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI_1.2.0.F"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI_1.2.0.F"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI_1.2.0.F"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4 1.0.0.F"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PhoenixPI-FP8-FP7_1.2.0.B"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PicassoPI-FP5_1.0.1.2c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RembrandtPI-FP7_1.0.0.BD"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R1000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5 1211"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded R2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedR2KPI-FP5 1006"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V1000 Series Processors (formerly codenamed \"Raven Ridge\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP5 1211"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 8000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPhoenixPI-FP7r2_1.0.0.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V2000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP6_1.0.0.D"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedPI-FP7r2_1.0.0.C"
            }
          ]
        }
      ],
      "source": "psirt@amd.com"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service."
    },
    {
      "lang": "es",
      "value": "La sanitizaci\u00f3n insuficiente de par\u00e1metros de entrada en el cargador de arranque (Boot Loader) del procesador seguro (ASP) de AMD (solo en modo de recuperaci\u00f3n heredado) podr\u00eda permitir a un atacante escribir fuera de los l\u00edmites para corromper la DRAM segura, lo que podr\u00eda resultar en una denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2025-29949",
  "lastModified": "2026-06-17T09:05:56.600",
  "metrics": {
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "LOCAL",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 4.8,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "LOW",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "psirt@amd.com",
        "type": "Secondary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2025-29949",
          "options": [
            {
              "exploitation": "none"
            },
            {
              "automatable": "no"
            },
            {
              "technicalImpact": "partial"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2026-02-10T20:40:30.330193Z",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2026-02-10T20:16:44.337",
  "references": [
    {
      "source": "psirt@amd.com",
      "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html"
    }
  ],
  "sourceIdentifier": "psirt@amd.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "psirt@amd.com",
      "type": "Secondary"
    }
  ]
}

GHSA-7J6Q-4XF6-XXW5

Vulnerability from github – Published: 2026-02-10 21:31 – Updated: 2026-02-10 21:31

Details

Severity

4.8 (Medium)


                  
                    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-29949"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-10T20:16:44Z",
    "severity": "MODERATE"
  },
  "details": "Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service.",
  "id": "GHSA-7j6q-4xf6-xxw5",
  "modified": "2026-02-10T21:31:30Z",
  "published": "2026-02-10T21:31:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29949"
    },
    {
      "type": "WEB",
      "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

WID-SEC-W-2026-0381

Vulnerability from csaf_certbund - Published: 2026-02-10 23:00 - Updated: 2026-06-16 22:00

Summary

AMD EPYC, Athlon und Ryzen Prozessoren: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Prozessoren sind die zentralen Rechenwerke eines Computers.

Angriff: Ein Angreifer kann mehrere Schwachstellen in AMD Prozessor ausnutzen, um beliebigen Code auszuführen, sich erhöhte Berechtigungen zu verschaffen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen oder Daten zu manipulieren.

Betroffene Betriebssysteme: - BIOS/Firmware - Hardware Appliance - Sonstiges

CVE-2021-26381

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2021-26410

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2021-46747

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2023-20540

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2024-21953

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2024-21961

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2024-36310

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2024-36311

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2024-36355

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-0012

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-0026

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-0029

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-0031

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-0045

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-29939

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-29946

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-29948

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-29949

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-29950

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-29951

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-29952

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-48509

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-48514

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-485142

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-48515

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-48517

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-52533

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-525331

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-52534

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-52536

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-54514

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

References

9 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.amd.com/en/resources/product-security…	external
https://support.hpe.com/hpesc/public/docDisplay?d…	external
https://support.hp.com/de-de/document/ish_1406752…	external
https://support.lenovo.com/us/en/product_security…	external
https://www.dell.com/support/kbdoc/de-de/00039867…	external
https://www.dell.com/support/kbdoc/en-us/00042670…	external
https://support.hp.com/de-de/document/ish_1514274…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Prozessoren sind die zentralen Rechenwerke eines Computers.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in AMD Prozessor ausnutzen, um beliebigen Code auszuf\u00fchren, sich erh\u00f6hte Berechtigungen zu verschaffen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen oder Daten zu manipulieren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- BIOS/Firmware\n- Hardware Appliance\n- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0381 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0381.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0381 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0381"
      },
      {
        "category": "external",
        "summary": "AMD Athlon and AMD Ryzen Processor Vulnerabilities \u2013 February 2026 vom 2026-02-10",
        "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4013.html"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPESBHF04999 vom 2026-02-10",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf04999en_us\u0026docLocale=en_US"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPSBHF04090 vom 2025-12-05",
        "url": "https://support.hp.com/de-de/document/ish_14067521-14067543-16/HPSBHF04090"
      },
      {
        "category": "external",
        "summary": "Lenovo Security Advisory LEN-210698 vom 2026-02-10",
        "url": "https://support.lenovo.com/us/en/product_security/LEN-210698"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2026-016 vom 2026-02-10",
        "url": "https://www.dell.com/support/kbdoc/de-de/000398671/dsa-2026-016"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2026-026 vom 2026-02-11",
        "url": "https://www.dell.com/support/kbdoc/en-us/000426703/dsa-2026-026-security-update-for-dell-amd-based-poweredge-server-vulnerability"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPSBHF04127 vom 2026-06-12",
        "url": "https://support.hp.com/de-de/document/ish_15142748-15143245-16/HPSBHF04127"
      }
    ],
    "source_lang": "en-US",
    "title": "AMD EPYC, Athlon und Ryzen Prozessoren: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-06-16T22:00:00.000+00:00",
      "generator": {
        "date": "2026-06-17T09:10:31.386+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.6.0"
        }
      },
      "id": "WID-SEC-W-2026-0381",
      "initial_release_date": "2026-02-10T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-02-10T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-02-11T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2026-05-14T22:00:00.000+00:00",
          "number": "3",
          "summary": "Referenz(en) aufgenommen: EUVD-2025-209862"
        },
        {
          "date": "2026-06-01T22:00:00.000+00:00",
          "number": "4",
          "summary": "Referenz(en) aufgenommen: EUVD-2021-34843"
        },
        {
          "date": "2026-06-16T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von HP aufgenommen"
        }
      ],
      "status": "final",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "EPYC",
                "product": {
                  "name": "AMD Prozessor EPYC",
                  "product_id": "T050793",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:amd:amd_processor:epyc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "EPYC Embedded",
                "product": {
                  "name": "AMD Prozessor EPYC Embedded",
                  "product_id": "T050794",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:amd:amd_processor:epyc_embedded"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Athlon",
                "product": {
                  "name": "AMD Prozessor Athlon",
                  "product_id": "T050795",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:amd:amd_processor:athlon"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Ryzen",
                "product": {
                  "name": "AMD Prozessor Ryzen",
                  "product_id": "T050796",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:amd:amd_processor:ryzen"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Prozessor"
          }
        ],
        "category": "vendor",
        "name": "AMD"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Dell Computer",
            "product": {
              "name": "Dell Computer",
              "product_id": "T043182",
              "product_identification_helper": {
                "cpe": "cpe:/o:dell:dell_computer:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Dell PowerEdge",
            "product": {
              "name": "Dell PowerEdge",
              "product_id": "T028211",
              "product_identification_helper": {
                "cpe": "cpe:/h:dell:poweredge:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "HP Computer",
            "product": {
              "name": "HP Computer",
              "product_id": "T030989",
              "product_identification_helper": {
                "cpe": "cpe:/h:hp:computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "HP"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "HPE ProLiant",
            "product": {
              "name": "HPE ProLiant",
              "product_id": "T009310",
              "product_identification_helper": {
                "cpe": "cpe:/h:hp:proliant:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "HPE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Lenovo Computer",
            "product": {
              "name": "Lenovo Computer",
              "product_id": "T048897",
              "product_identification_helper": {
                "cpe": "cpe:/h:lenovo:computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Lenovo"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-26381",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2021-26381"
    },
    {
      "cve": "CVE-2021-26410",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2021-26410"
    },
    {
      "cve": "CVE-2021-46747",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2021-46747"
    },
    {
      "cve": "CVE-2023-20540",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2023-20540"
    },
    {
      "cve": "CVE-2024-21953",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-21953"
    },
    {
      "cve": "CVE-2024-21961",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-21961"
    },
    {
      "cve": "CVE-2024-36310",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-36310"
    },
    {
      "cve": "CVE-2024-36311",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-36311"
    },
    {
      "cve": "CVE-2024-36355",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-36355"
    },
    {
      "cve": "CVE-2025-0012",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-0012"
    },
    {
      "cve": "CVE-2025-0026",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-0026"
    },
    {
      "cve": "CVE-2025-0029",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-0029"
    },
    {
      "cve": "CVE-2025-0031",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-0031"
    },
    {
      "cve": "CVE-2025-0045",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-0045"
    },
    {
      "cve": "CVE-2025-29939",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-29939"
    },
    {
      "cve": "CVE-2025-29946",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-29946"
    },
    {
      "cve": "CVE-2025-29948",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-29948"
    },
    {
      "cve": "CVE-2025-29949",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-29949"
    },
    {
      "cve": "CVE-2025-29950",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-29950"
    },
    {
      "cve": "CVE-2025-29951",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-29951"
    },
    {
      "cve": "CVE-2025-29952",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-29952"
    },
    {
      "cve": "CVE-2025-48509",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-48509"
    },
    {
      "cve": "CVE-2025-48514",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-48514"
    },
    {
      "cve": "CVE-2025-485142",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-485142"
    },
    {
      "cve": "CVE-2025-48515",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-48515"
    },
    {
      "cve": "CVE-2025-48517",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-48517"
    },
    {
      "cve": "CVE-2025-52533",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-52533"
    },
    {
      "cve": "CVE-2025-525331",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-525331"
    },
    {
      "cve": "CVE-2025-52534",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-52534"
    },
    {
      "cve": "CVE-2025-52536",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-52536"
    },
    {
      "cve": "CVE-2025-54514",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-54514"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-29949 (GCVE-0-2025-29949)

FKIE_CVE-2025-29949

GHSA-7J6Q-4XF6-XXW5

WID-SEC-W-2026-0381

Tags

Sightings

Nomenclature