Amd Ryzen Pro Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Amd Ryzen Pro Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2018-8930 — CVSS 9.0 (critical): The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka…
CVE-2018-8931 — CVSS 9.0 (critical): The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-1.
CVE-2018-8932 — CVSS 9.0 (critical): The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and…
CVE-2018-8934 — CVSS 9.0 (critical): The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in firmware, aka CHIMERA-FW.
CVE-2018-8935 — CVSS 9.0 (critical): The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in the ASIC, aka CHIMERA-HW.
CVE-2018-8936 — CVSS 9.0 (critical): The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips allow Platform Security Processor (PSP) privilege escalation.
CVE-2021-26318 — CVSS 4.7 (medium): A timing and power-based side channel attack leveraging the x86 PREFETCH instructions on some AMD CPUs could potentially result in leaked…