CVE-2026-0438
Published: May 15, 2026
Modified: May 19, 2026
Description
A System Management Mode (SMM) handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially compromising the system’s confidentiality, integrity, and availability.
| Vendor | Product | Versions |
|---|---|---|
AMD | AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics | unaffected PhoenixPI-FP8-FP7_1.2.0.0f |
AMD | AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics | unaffected DragonRangeFL1PI 1.0.0.3k |
AMD | AMD Ryzen™ 7000 Series Desktop Processors | unaffected ComboAM5PI 1.0.0.d |
AMD | AMD Ryzen™ 9000HX Series Processors | unaffected FireRangeFL1PI 1.0.0.0d |
AMD | AMD Ryzen™ AI 300 Series Processors | unaffected StrixKrackanPI-FP8_1.1.0.0e |
AMD | AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors | unaffected StormPeakPI-SP6 1.0.0.1munaffected StormPeakPI-SP6_1.1.0.0k |
AMD | AMD Ryzen™ 7000 Series Desktop Processors | unaffected ComboAM5PI 1.1.0.3f |
AMD | AMD Ryzen™ 7000 Series Desktop Processors | unaffected ComboAM5PI_1.2.0.3i |
AMD | AMD Ryzen™ 8000 Series Desktop Processors | unaffected ComboAM5PI 1.1.0.3f |
AMD | AMD Ryzen™ 8000 Series Desktop Processors | unaffected ComboAM5PI_1.2.0.3i |
AMD | AMD Ryzen™ 9000 Series Desktop Processors | unaffected ComboAM5PI_1.2.0.3i |
AMD | AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics | unaffected PhoenixPI-FP8-FP7_1.2.0.0f |
AMD | AMD Ryzen™ AI Max 300 Series Processors | unaffected StrixHaloPI-FP11_1.0.0.2a |
AMD | AMD Ryzen™ Z1 Series Processors | unaffected PhoenixPI-FP8-FP7_1.2.0.0f |
AMD | AMD Ryzen™ Z1 Series Processors | unaffected PhoenixPI-FP8-FP7_1.2.0.0f |
AMD | AMD Ryzen™ Z2 Series Processors Extreme | unaffected StrixKrackanPI-FP8_1.1.0.2d |
AMD | AMD Ryzen™ Z2 Series Processors | unaffected PhoenixPI-FP8-FP7_1.2.0.0f |
AMD | AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors | unaffected ShimadaPeakPI-SP6 1.0.0.1c |
AMD | AMD Ryzen™ Threadripper™ 7000 Processors | unaffected ShimadaPeakPI-SP6 1.0.0.1c |
AMD | AMD Ryzen™ Threadripper™ 9000 Processors | unaffected ShimadaPeakPI-SP6 1.0.0.1c |
AMD | AMD Ryzen™ Threadripper™ PRO 9000 WX-Series Processors | unaffected ShimadaPeakPI-SP6 1.0.0.1c |
AMD | AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael") | unaffected ComboAM5PI_1.3.0.0 |
AMD | AMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed "Phoenix") | unaffected ComboAM5PI_1.3.0.0 |
AMD | AMD Ryzen™ 9000 Series Desktop Processors (formerly codenamed "Granite Ridge") | unaffected ComboAM5PI_1.3.0.0 |
AMD | AMD Ryzen™ Embedded 9000 Series Processors | unaffected EmbeddedAM5PI 1.0.0.5 |
AMD | AMD Ryzen™ Embedded 8000 Series Processors | unaffected EmbeddedPhoenixPI-FP7r2_1.0.0.4 |
AMD | AMD Ryzen™ Embedded 7000 Series Processors | unaffected EmbeddedAM5PI 1.0.0.5 |
AMD | AMD EPYC™ 4004 Series Processors | unaffected ComboAM5PI 1.0.0.d / ComboAM5PI 1.1.0.3f / ComboAM5PI_1.2.0.3i |
AMD | AMD EPYC™ 4005 Series Processors | unaffected ComboAM5PI_1.2.0.3i |
Weaknesses (CWE)
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now