CVE-2024-36347
Published: Jun 27, 2025
Modified: Feb 26, 2026
CVSS v3.1
6.4
Description
Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment.
| Vendor | Product | Versions |
|---|---|---|
AMD | AMD EPYC™ 7001 Series | unaffected NaplesPI 1.0.0.P |
AMD | AMD EPYC™ 7002 Series | unaffected RomePI 1.0.0.L |
AMD | AMD EPYC™ 7003 Series | unaffected MilanPI 1.0.0.F |
AMD | AMD EPYC™ 9004 Series | unaffected Genoa 1.0.0.E |
AMD | AMD EPYC™ 4004 Series | unaffected ComboAM5PI1.0.0.aunaffected ComboAM5PI1.1.0.3cunaffected ComboAM5PI1.2.0.3 |
AMD | AMD EPYC™ 9005 Series | unaffected TurinPI 1.0.0.4 |
AMD | AMD Instinct™ MI300A | unaffected MI300PI_SR5 1.0.0.8 |
AMD | AMD Ryzen™ 5000 Series Desktop Processors | unaffected ComboAM4v2PI 1.2.0.E |
AMD | AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics | unaffected ComboAM4v2PI 1.2.0.E |
AMD | AMD Ryzen™ 3000 Series Desktop Processors | unaffected ComboAM4PI 1.0.0.Dunaffected ComboAM4v2PI 1.2.0.E |
AMD | AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics | unaffected ComboAM4PI 1.0.0.Dunaffected ComboAM4v2PI 1.2.0.E |
AMD | AMD Ryzen™ 7000 Series Desktop Processors | unaffected ComboAM5PI 1.0.0.aunaffected ComboAM5PI 1.1.0.3cunaffected ComboAM5PI 1.2.0.3 |
AMD | AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics | unaffected ComboAM4v2PI 1.2.0.E |
AMD | AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics | unaffected ComboAM5PI 1.1.0.3cunaffected ComboAM5PI 1.2.0.3 |
AMD | AMD Ryzen™ 9000 Series Desktop Processors | unaffected ComboAM5PI 1.2.0.3c |
AMD | AMD Ryzen™ Threadripper™ 3000 Series Processors | unaffected CastlePeakPI-SP3r3 1.0.0.E |
AMD | AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors | unaffected StormPeakPI-SP6 1.0.0.1kunaffected StormPeakPI-SP6 1.1.0.0i |
AMD | AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors | unaffected ChagallWSPI-sWRX8 1.0.0.Bunaffected CastlePeakWSPI-sWRX8 1.0.0.g |
AMD | AMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors | unaffected ChagallWSPI-sWRX8 1.0.0.B |
AMD | AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics | unaffected PicassoPI-FP5 1.0.1.2b |
AMD | AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics | unaffected PicassoPI-FP5 1.0.1.2b |
AMD | AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics | unaffected RenoirPI-FP6 1.0.0.Eb |
AMD | AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics | unaffected CezannePI-FP6 1.0.1.1b |
AMD | AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics | unaffected MendocinoPI-FT6 1.0.0.7b |
AMD | AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics | unaffected RembrandtPI-FP7 1.0.0.Bb |
AMD | AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics | unaffected RembrandtPI-FP7 1.0.0.Bb |
AMD | AMD Ryzen™ 7000 Series Processors with Radeon™ Graphics | unaffected CezannePI-FP6 1.0.1.1b |
AMD | AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics | unaffected PhoenixPI-FP8-FP7 1.2.0.0 |
AMD | AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics | unaffected PhoenixPI-FP8-FP7 1.2.0.0 |
AMD | AMD Ryzen™ 7045 Series Mobile Processors | unaffected DragonRangeFL1 1.0.0.3g |
AMD | AMD Ryzen™ AI 300 Series | unaffected StrixKrakenPI-FP8_1.1.0.0b |
AMD | AMD Ryzen™ AI Max + | unaffected StrixHaloPI-FP11_1.0.0.1 |
AMD | AMD Ryzen™ 9000HX Series Mobile Processors | unaffected FireRangeFL1PI 1.0.0.0a |
AMD | AMD EPYC™ Embedded 3000 | unaffected SnowyOwl PI 1.1.0.E |
AMD | AMD EPYC™ Embedded 7002 | unaffected EmbRomePI-SP3 1.0.0.D |
AMD | AMD EPYC™ Embedded 7003 | unaffected EmbMilan PI-SP3 1.0.0.A |
AMD | AMD EPYC™ Embedded 8004 | unaffected EmbGenoaPI-SP5 1.0.0.9 |
AMD | AMD EPYC™ Embedded 9004 | unaffected EmbGenoaPI-SP5 1.0.0.9 |
AMD | AMD EPYC™ Embedded 97X4 | unaffected EmbGenoaPI-SP5 1.0.0.9 |
AMD | AMD Ryzen™ Embedded R1000 | unaffected EmbeddedPI-FP5 1.2.0.F |
AMD | AMD Ryzen™ Embedded R2000 | unaffected EmbeddedR2KPI 1.0.0.5 |
AMD | AMD Ryzen™ Embedded 5000 | unaffected EmbAM4PI 1.0.0.7 |
AMD | AMD Ryzen™ Embedded 7000 | unaffected EmbeddedAM5PI 1.0.0.3 |
AMD | AMD Ryzen™ Embedded V1000 | unaffected EmbeddedPI-FP5 1.2.0.F |
AMD | AMD Ryzen™Embedded V2000 | unaffected EmbeddedPI-FP6 1.0.0.B |
AMD | AMD Ryzen™Embedded V3000 | unaffected EmbeddedPI-FP7R2 1.0.0.C |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now