CVE-2021-26316

2023-01-1019:46:46

AMD

www.cve.org

cve-2021-26316

bios

communication buffer

smm

arbitrary code execution

AI Score

8.3

Confidence

High

EPSS

Percentile

12.7%

JSON

Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution.

CNA Affected

[
  {
    "defaultStatus": "affected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen 5000 Series ",
    "vendor": " AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen 2000 Series",
    "vendor": " AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "Ryzen 3000 Series",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA ",
    "platforms": [
      "x86"
    ],
    "product": "1st Gen EPYC ",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "2nd Gen EPYC",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "Various "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "AGESA",
    "platforms": [
      "x86"
    ],
    "product": "3rd Gen EPYC",
    "vendor": "AMD",
    "versions": [
      {
        "status": "affected",
        "version": "various "
      }
    ]
  }
]