QwikSec

Security Database

CVE

CWE

Training

CVE-2021-26315

Published: Nov 16, 2021

Modified: Sep 17, 2024

PUBLISHED

Description

When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently decrypts an encrypted FW, due to insufficient verification of the integrity of decrypted image, arbitrary code may be executed in the PSP when encrypted firmware images are used.

Vendor	Product	Versions
AMD	3rd Gen AMD EPYC™	affected `unspecified - < MilanPI-SP3_1.0.0.4`

Weaknesses (CWE)

References

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.