CVE-2021-26316

Summary

Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
AMDRyzen 5000 Seriesvariousaffected
AMDRyzen 2000 Seriesvariousaffected
AMDRyzen 3000 Seriesvariousaffected
AMD1st Gen EPYCvariousaffected
AMD2nd Gen EPYCVariousaffected
AMD3rd Gen EPYCvariousaffected

Weaknesses

  • n/a

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References