gsd-2021-46766
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.
Aliases
Aliases



{
  "GSD": {
    "alias": "CVE-2021-46766",
    "id": "GSD-2021-46766"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-46766"
      ],
      "details": "Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.\n",
      "id": "GSD-2021-46766",
      "modified": "2023-12-13T01:23:32.786477Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@amd.com",
        "ID": "CVE-2021-46766",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": " Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors  \u201cChagall\u201d WS",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "various "
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "4th Gen AMD EPYC\u2122 Processors",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "various "
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "AMD EPYC\u2122 Embedded 9003",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "various"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "AMD"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.\n"
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002",
            "refsource": "MISC",
            "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002"
          },
          {
            "name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002",
            "refsource": "MISC",
            "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002"
          },
          {
            "name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001",
            "refsource": "MISC",
            "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
          }
        ]
      },
      "source": {
        "advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9654p_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "108F1054-C8C4-4540-9B8F-7510A8C00DE3",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9654p:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "C150CC54-2F64-48E7-B996-F06247114BC4",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9654_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "2AFDDF77-6A68-41A9-855A-D3B436450D93",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9654:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "84209250-5078-4E8E-8532-98F652C12D79",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9634_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "BC0BDD69-8BC1-46D7-9655-CF913F0DA6F9",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9634:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "4C6C0B65-0C8C-4BCE-9B40-39B2EB5E5EA5",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9554p_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "A36DB7E2-8A18-4320-8E1B-77CD4D115608",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9554p:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "A2BD9C75-AA02-47C1-94C7-BA5187B8CDF0",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9554_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "473699C8-A35C-4F67-85A5-AB70C3C3995D",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9554:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "A95FCDE4-82EF-4C54-A85D-960B36A46DD0",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9534_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "FA2FB4A9-C883-4341-880F-EDE30F5275B3",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9534:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "E8FC239C-6B12-4F7C-A725-9D66AD39F7F6",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9474f_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "0E5D8A84-122E-4A10-9FC3-F208B19BF5F8",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9474f:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "A1520823-129F-4F48-932B-1CA77D3446CC",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9454p_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "537004D8-84C7-4369-A26B-D3DB83B30F5E",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9454p:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "932E47BF-3831-4D72-9F26-89CA591692B8",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9454_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "27CFA9DB-772C-4375-9F7A-4B77E89325A6",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9454:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "F7FDDC36-A96D-419F-A4B5-8AEF9D5FEBE5",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9374f_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "111CF9AA-F533-48CB-9A8B-36B54A31338F",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9374f:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "14BA8C50-B57A-4F6D-860B-790BD39249B0",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9354p_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "9D89ED2E-81EE-4B7A-B669-24A3C558C8F0",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9354p:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "EF0F7101-1B8B-454B-879F-8635CB16D5C7",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9354_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "C68FBBCF-0B6C-4BE3-A558-0A0CD8CA5816",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9354:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "7A152B84-4935-4517-BD9D-37471C281BDA",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9334_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "7219B700-3CA5-4A01-994A-D398E45761C8",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9334:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "6B1047C6-4627-4520-AFF7-5A0A623336F9",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9274f_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "6D27B7AE-9F65-435A-8ADA-EFDE74AB1C32",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9274f:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "54EE0A4A-AA13-49CE-8825-407AD6B16B13",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9254_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "22F6220C-EEFD-4A88-95DC-86652BF4E868",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9254:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "AFDF951D-9B67-49CE-AD4A-B1052A484E65",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9224_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "73C1A76F-0CF7-4F75-8142-13CB61AEDC91",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9224:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "B085546F-4791-4096-A019-738A37353165",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9174f_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "05E04E6A-AB17-4EA8-A6DB-D99E31A0E478",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9174f:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "D7811418-4B63-4CCA-B81F-379FF0277673",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9124_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "F9F21CD9-AD47-4158-B06A-7BF5BEFBEE7D",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9124:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "2761489D-AABE-4ADD-AE5B-B26C4424F18A",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9684x_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "26E15633-2713-425B-B56B-0E7F406C9291",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9684x:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "71A34603-6EB8-4D75-9391-8ADC35EA5EFE",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9384x_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "28F264D8-503B-45EA-B302-72B60946FAF8",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9384x:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "E6DC6F07-2E27-48C3-BD60-81496C2D3C62",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9184x_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "EB7B338B-9718-4773-A9CD-B325E157D3C2",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9184x:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "4C3085B2-AFDA-4C34-A2B6-40D599F7E907",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9754_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "17C71132-E668-4D85-806C-FC7D230E9AA7",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9754:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "4EF0ED85-2FCF-4DCB-9C7F-0B5EC5EC574C",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9754s_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "8D0CCB18-115B-497D-8788-8DDDD2ADEF40",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9754s:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "E74F229A-FDBD-4C3D-BE0B-9193E6E560ED",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:epyc_9734_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "6E97DA39-D9D9-42E7-9533-4411BF9CBA5F",
                    "versionEndExcluding": "genoapi_1.0.0.4",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:epyc_9734:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "DE0954B5-9B6E-4C0E-905B-1E4B3FD50B04",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:ryzen_threadripper_pro_3995wx_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "D5535C20-7053-4830-A0F2-6B8179A3FE2C",
                    "versionEndExcluding": "chagallwspi-swrx8_1.0.0.5",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:ryzen_threadripper_pro_3995wx:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "015BEF9F-7CFC-4A99-B9B4-FB58B3F35E31",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:ryzen_threadripper_pro_3975wx_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "BCDA0456-EB37-4F13-82C8-4531BD4375B2",
                    "versionEndExcluding": "chagallwspi-swrx8_1.0.0.5",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:ryzen_threadripper_pro_3975wx:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "F3D16B66-A4EC-422D-856A-A862ECE13FBE",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:ryzen_threadripper_pro_3955wx_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "C1F318AA-C432-4328-A433-F7A293C31435",
                    "versionEndExcluding": "chagallwspi-swrx8_1.0.0.5",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:ryzen_threadripper_pro_3955wx:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "0EDF7650-0A7D-48FF-AD78-2D2DBF3CD646",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:amd:ryzen_threadripper_pro_3945wx_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "55FF86B7-DE2B-4509-9C2F-A18806CDA346",
                    "versionEndExcluding": "chagallwspi-swrx8_1.0.0.5",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:amd:ryzen_threadripper_pro_3945wx:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "85D99997-1389-493E-BDEA-9904A46E48EE",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.\n"
          },
          {
            "lang": "es",
            "value": "La limpieza inadecuada de datos confidenciales en el ASP Bootloader puede exponer claves secretas a un atacante privilegiado que acceda a ASP SRAM, lo que podr\u00eda provocar una p\u00e9rdida de confidencialidad."
          }
        ],
        "id": "CVE-2021-46766",
        "lastModified": "2024-02-13T20:15:50.307",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 1.8,
              "impactScore": 3.6,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2023-11-14T19:15:10.360",
        "references": [
          {
            "source": "psirt@amd.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002"
          },
          {
            "source": "psirt@amd.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002"
          },
          {
            "source": "psirt@amd.com",
            "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
          }
        ],
        "sourceIdentifier": "psirt@amd.com",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-459"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.