Vulnerability Name:

CVE-2021-26335 (CCN-213708)

Assigned: 2021-11-01
Published: 2021-11-01
Updated: 2022-05-12
Summary: Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to use attacker-controlled values prior to signature validation, potentially resulting in arbitrary code execution.
CVSS v3 Severity: 7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
7.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
CVSS v2 Severity: 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
Vulnerability Type: CWE-noinfo
Vulnerability Consequences: Gain Access
References: Source: MITRE
Type: CNA
CVE-2021-26335

Source: XF
Type: UNKNOWN
amd-cve202126335-code-exec(213708)

Source: CCN
Type: AMD-SB-1021
AMD Server Vulnerabilities

Source: MISC
Type: UNKNOWN
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027

Vulnerable Configuration:
Configuration 1:
  • cpe:/o:amd:epyc_7003_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)
  • AND
  • cpe:/h:amd:epyc_7003:-:*:*:*:*:*:*:*

  • Configuration 2:
  • cpe:/o:amd:epyc_7002_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7002:-:*:*:*:*:*:*:*

  • Configuration 3:
  • cpe:/o:amd:epyc_7001_firmware:*:*:*:*:*:*:*:* (Version < naplespi-sp3_1.0.0.g)
  • AND
  • cpe:/h:amd:epyc_7001:-:*:*:*:*:*:*:*

  • Configuration 4:
  • cpe:/o:amd:epyc_72f3_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)
  • AND
  • cpe:/h:amd:epyc_72f3:-:*:*:*:*:*:*:*

  • Configuration 5:
  • cpe:/o:amd:epyc_7313_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)
  • AND
  • cpe:/h:amd:epyc_7313:-:*:*:*:*:*:*:*

  • Configuration 6:
  • cpe:/o:amd:epyc_7313p_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)
  • AND
  • cpe:/h:amd:epyc_7313p:-:*:*:*:*:*:*:*

  • Configuration 7:
  • cpe:/o:amd:epyc_7343_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)
  • AND
  • cpe:/h:amd:epyc_7343:-:*:*:*:*:*:*:*

  • Configuration 8:
  • cpe:/o:amd:epyc_73f3_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)
  • AND
  • cpe:/h:amd:epyc_73f3:-:*:*:*:*:*:*:*

  • Configuration 9:
  • cpe:/o:amd:epyc_7413_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)
  • AND
  • cpe:/h:amd:epyc_7413:-:*:*:*:*:*:*:*

  • Configuration 10:
  • cpe:/o:amd:epyc_7443_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)
  • AND
  • cpe:/h:amd:epyc_7443:-:*:*:*:*:*:*:*

  • Configuration 11:
  • cpe:/o:amd:epyc_7443p_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)
  • AND
  • cpe:/h:amd:epyc_7443p:-:*:*:*:*:*:*:*

  • Configuration 12:
  • cpe:/o:amd:epyc_7453_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)
  • AND
  • cpe:/h:amd:epyc_7453:-:*:*:*:*:*:*:*

  • Configuration 13:
  • cpe:/o:amd:epyc_74f3_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)
  • AND
  • cpe:/h:amd:epyc_74f3:-:*:*:*:*:*:*:*

  • Configuration 14:
  • cpe:/o:amd:epyc_7513_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)
  • AND
  • cpe:/h:amd:epyc_7513:-:*:*:*:*:*:*:*

  • Configuration 15:
  • cpe:/o:amd:epyc_7543_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)
  • AND
  • cpe:/h:amd:epyc_7543:-:*:*:*:*:*:*:*

  • Configuration 16:
  • cpe:/o:amd:epyc_7543p_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)
  • AND
  • cpe:/h:amd:epyc_7543p:-:*:*:*:*:*:*:*

  • Configuration 17:
  • cpe:/o:amd:epyc_75f3_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)
  • AND
  • cpe:/h:amd:epyc_75f3:-:*:*:*:*:*:*:*

  • Configuration 18:
  • cpe:/o:amd:epyc_7643_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)
  • AND
  • cpe:/h:amd:epyc_7643:-:*:*:*:*:*:*:*

  • Configuration 19:
  • cpe:/o:amd:epyc_7663_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)
  • AND
  • cpe:/h:amd:epyc_7663:-:*:*:*:*:*:*:*

  • Configuration 20:
  • cpe:/o:amd:epyc_7713_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)
  • AND
  • cpe:/h:amd:epyc_7713:-:*:*:*:*:*:*:*

  • Configuration 21:
  • cpe:/o:amd:epyc_7713p_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)
  • AND
  • cpe:/h:amd:epyc_7713p:-:*:*:*:*:*:*:*

  • Configuration 22:
  • cpe:/o:amd:epyc_7763_firmware:*:*:*:*:*:*:*:* (Version < milanpi-sp3_1.0.0.4)
  • AND
  • cpe:/h:amd:epyc_7763:-:*:*:*:*:*:*:*

  • Configuration 23:
  • cpe:/o:amd:epyc_7232p_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7232p:-:*:*:*:*:*:*:*

  • Configuration 24:
  • cpe:/o:amd:epyc_7252_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7252:-:*:*:*:*:*:*:*

  • Configuration 25:
  • cpe:/o:amd:epyc_7262_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7262:-:*:*:*:*:*:*:*

  • Configuration 26:
  • cpe:/o:amd:epyc_7272_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7272:-:*:*:*:*:*:*:*

  • Configuration 27:
  • cpe:/o:amd:epyc_7282_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7282:-:*:*:*:*:*:*:*

  • Configuration 28:
  • cpe:/o:amd:epyc_7302_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7302:-:*:*:*:*:*:*:*

  • Configuration 29:
  • cpe:/o:amd:epyc_7302p_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7302p:-:*:*:*:*:*:*:*

  • Configuration 30:
  • cpe:/o:amd:epyc_7352_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7352:-:*:*:*:*:*:*:*

  • Configuration 31:
  • cpe:/o:amd:epyc_7402_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7402:-:*:*:*:*:*:*:*

  • Configuration 32:
  • cpe:/o:amd:epyc_7402p_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7402p:-:*:*:*:*:*:*:*

  • Configuration 33:
  • cpe:/o:amd:epyc_7452_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7452:-:*:*:*:*:*:*:*

  • Configuration 34:
  • cpe:/o:amd:epyc_7502_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7502:-:*:*:*:*:*:*:*

  • Configuration 35:
  • cpe:/o:amd:epyc_7502p_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7502p:-:*:*:*:*:*:*:*

  • Configuration 36:
  • cpe:/o:amd:epyc_7532_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7532:-:*:*:*:*:*:*:*

  • Configuration 37:
  • cpe:/o:amd:epyc_7542_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7542:-:*:*:*:*:*:*:*

  • Configuration 38:
  • cpe:/o:amd:epyc_7552_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7552:-:*:*:*:*:*:*:*

  • Configuration 39:
  • cpe:/o:amd:epyc_7642_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7642:-:*:*:*:*:*:*:*

  • Configuration 40:
  • cpe:/o:amd:epyc_7662_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7662:-:*:*:*:*:*:*:*

  • Configuration 41:
  • cpe:/o:amd:epyc_7702_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7702:-:*:*:*:*:*:*:*

  • Configuration 42:
  • cpe:/o:amd:epyc_7702p_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7702p:-:*:*:*:*:*:*:*

  • Configuration 43:
  • cpe:/o:amd:epyc_7742_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7742:-:*:*:*:*:*:*:*

  • Configuration 44:
  • cpe:/o:amd:epyc_7f32_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7f32:-:*:*:*:*:*:*:*

  • Configuration 45:
  • cpe:/o:amd:epyc_7f52_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7f52:-:*:*:*:*:*:*:*

  • Configuration 46:
  • cpe:/o:amd:epyc_7f72_firmware:*:*:*:*:*:*:*:* (Version < romepi-sp3_1.0.0.c)
  • AND
  • cpe:/h:amd:epyc_7f72:-:*:*:*:*:*:*:*

  • Configuration 47:
  • cpe:/o:amd:epyc_7251_firmware:*:*:*:*:*:*:*:* (Version < naplespi-sp3_1.0.0.g)
  • AND
  • cpe:/h:amd:epyc_7251:-:*:*:*:*:*:*:*

  • Configuration 48:
  • cpe:/o:amd:epyc_7281_firmware:*:*:*:*:*:*:*:* (Version < naplespi-sp3_1.0.0.g)
  • AND
  • cpe:/h:amd:epyc_7281:-:*:*:*:*:*:*:*

  • Configuration 49:
  • cpe:/o:amd:epyc_7301_firmware:*:*:*:*:*:*:*:* (Version < naplespi-sp3_1.0.0.g)
  • AND
  • cpe:/h:amd:epyc_7301:-:*:*:*:*:*:*:*

  • Configuration 50:
  • cpe:/o:amd:epyc_7351_firmware:*:*:*:*:*:*:*:* (Version < naplespi-sp3_1.0.0.g)
  • AND
  • cpe:/h:amd:epyc_7351:-:*:*:*:*:*:*:*

  • Configuration 51:
  • cpe:/o:amd:epyc_7351p_firmware:*:*:*:*:*:*:*:* (Version < naplespi-sp3_1.0.0.g)
  • AND
  • cpe:/h:amd:epyc_7351p:-:*:*:*:*:*:*:*

  • Configuration 52:
  • cpe:/o:amd:epyc_7401_firmware:*:*:*:*:*:*:*:* (Version < naplespi-sp3_1.0.0.g)
  • AND
  • cpe:/h:amd:epyc_7401:-:*:*:*:*:*:*:*

  • Configuration 53:
  • cpe:/o:amd:epyc_7401p_firmware:*:*:*:*:*:*:*:* (Version < naplespi-sp3_1.0.0.g)
  • AND
  • cpe:/h:amd:epyc_7401p:-:*:*:*:*:*:*:*

  • Configuration 54:
  • cpe:/o:amd:epyc_7451_firmware:*:*:*:*:*:*:*:* (Version < naplespi-sp3_1.0.0.g)
  • AND
  • cpe:/h:amd:epyc_7451:-:*:*:*:*:*:*:*

  • Configuration 55:
  • cpe:/o:amd:epyc_7501_firmware:*:*:*:*:*:*:*:* (Version < naplespi-sp3_1.0.0.g)
  • AND
  • cpe:/h:amd:epyc_7501:-:*:*:*:*:*:*:*

  • Configuration 56:
  • cpe:/o:amd:epyc_7551_firmware:*:*:*:*:*:*:*:* (Version < naplespi-sp3_1.0.0.g)
  • AND
  • cpe:/h:amd:epyc_7551:-:*:*:*:*:*:*:*

  • Configuration 57:
  • cpe:/o:amd:epyc_7551p_firmware:*:*:*:*:*:*:*:* (Version < naplespi-sp3_1.0.0.g)
  • AND
  • cpe:/h:amd:epyc_7551p:-:*:*:*:*:*:*:*

  • Configuration 58:
  • cpe:/o:amd:epyc_7601_firmware:*:*:*:*:*:*:*:* (Version < naplespi-sp3_1.0.0.g)
  • AND
  • cpe:/h:amd:epyc_7601:-:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    amd epyc 7003 firmware *
    amd epyc 7003 -
    amd epyc 7002 firmware *
    amd epyc 7002 -
    amd epyc 7001 firmware *
    amd epyc 7001 -
    amd epyc 72f3 firmware *
    amd epyc 72f3 -
    amd epyc 7313 firmware *
    amd epyc 7313 -
    amd epyc 7313p firmware *
    amd epyc 7313p -
    amd epyc 7343 firmware *
    amd epyc 7343 -
    amd epyc 73f3 firmware *
    amd epyc 73f3 -
    amd epyc 7413 firmware *
    amd epyc 7413 -
    amd epyc 7443 firmware *
    amd epyc 7443 -
    amd epyc 7443p firmware *
    amd epyc 7443p -
    amd epyc 7453 firmware *
    amd epyc 7453 -
    amd epyc 74f3 firmware *
    amd epyc 74f3 -
    amd epyc 7513 firmware *
    amd epyc 7513 -
    amd epyc 7543 firmware *
    amd epyc 7543 -
    amd epyc 7543p firmware *
    amd epyc 7543p -
    amd epyc 75f3 firmware *
    amd epyc 75f3 -
    amd epyc 7643 firmware *
    amd epyc 7643 -
    amd epyc 7663 firmware *
    amd epyc 7663 -
    amd epyc 7713 firmware *
    amd epyc 7713 -
    amd epyc 7713p firmware *
    amd epyc 7713p -
    amd epyc 7763 firmware *
    amd epyc 7763 -
    amd epyc 7232p firmware *
    amd epyc 7232p -
    amd epyc 7252 firmware *
    amd epyc 7252 -
    amd epyc 7262 firmware *
    amd epyc 7262 -
    amd epyc 7272 firmware *
    amd epyc 7272 -
    amd epyc 7282 firmware *
    amd epyc 7282 -
    amd epyc 7302 firmware *
    amd epyc 7302 -
    amd epyc 7302p firmware *
    amd epyc 7302p -
    amd epyc 7352 firmware *
    amd epyc 7352 -
    amd epyc 7402 firmware *
    amd epyc 7402 -
    amd epyc 7402p firmware *
    amd epyc 7402p -
    amd epyc 7452 firmware *
    amd epyc 7452 -
    amd epyc 7502 firmware *
    amd epyc 7502 -
    amd epyc 7502p firmware *
    amd epyc 7502p -
    amd epyc 7532 firmware *
    amd epyc 7532 -
    amd epyc 7542 firmware *
    amd epyc 7542 -
    amd epyc 7552 firmware *
    amd epyc 7552 -
    amd epyc 7642 firmware *
    amd epyc 7642 -
    amd epyc 7662 firmware *
    amd epyc 7662 -
    amd epyc 7702 firmware *
    amd epyc 7702 -
    amd epyc 7702p firmware *
    amd epyc 7702p -
    amd epyc 7742 firmware *
    amd epyc 7742 -
    amd epyc 7f32 firmware *
    amd epyc 7f32 -
    amd epyc 7f52 firmware *
    amd epyc 7f52 -
    amd epyc 7f72 firmware *
    amd epyc 7f72 -
    amd epyc 7251 firmware *
    amd epyc 7251 -
    amd epyc 7281 firmware *
    amd epyc 7281 -
    amd epyc 7301 firmware *
    amd epyc 7301 -
    amd epyc 7351 firmware *
    amd epyc 7351 -
    amd epyc 7351p firmware *
    amd epyc 7351p -
    amd epyc 7401 firmware *
    amd epyc 7401 -
    amd epyc 7401p firmware *
    amd epyc 7401p -
    amd epyc 7451 firmware *
    amd epyc 7451 -
    amd epyc 7501 firmware *
    amd epyc 7501 -
    amd epyc 7551 firmware *
    amd epyc 7551 -
    amd epyc 7551p firmware *
    amd epyc 7551p -
    amd epyc 7601 firmware *
    amd epyc 7601 -