CVE-2024-21939

Summary

Incorrect default permissions in the AMD Cloud Manageability Service (ACMS) Software installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
AMDAMD Cloud Manageability Service Software0 < 2.0.0.232affected

Weaknesses

  • CWE-276: CWE-276 Incorrect Default Permissions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References