CVE-2021-26360

Summary

An attacker with local access to the system can make unauthorized modifications of the security configuration of the SOC registers. This could allow potential corruption of AMD secure processor’s encrypted memory contents which may lead to arbitrary code execution in ASP.

Affected Software

VendorProductVersion RangeStatus
AMDAMD Radeon RX 6000 Series & PRO W6000 SeriesAMD Radeon Software < 22.5.2affected
AMDAMD Radeon RX 6000 Series & PRO W6000 SeriesAMD Radeon Pro Software Enterprise < 22.Q2affected
AMDAMD Radeon RX 6000 Series & PRO W6000 SeriesEnterprise Driver < 22.10.20affected

Weaknesses

  • TBD

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References