Amd epyc™ 7002 series processors

This hub aggregates every CVE we track for Amd epyc™ 7002 series processors, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 12 most recently published vulnerabilities affecting Amd epyc™ 7002 series processors.

• CVE-2025-54518Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially re...7.0May 15, 2026
• CVE-2025-54502Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resul...7.5Apr 16, 2026
• CVE-2024-21961Improper restriction of operations within the bounds of a memory buffer in PCIe® Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service atta...6.3Feb 12, 2026
• CVE-2025-52533Improper Access Control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data confidentiality or integrity.7.7Feb 12, 2026
• CVE-2024-36354Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root o...7.5Sep 6, 2025
• CVE-2024-36348A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in informatio...3.8Jul 8, 2025
• CVE-2024-36349A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.3.8Jul 8, 2025
• CVE-2023-20599Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto Co-Processor (CCP) registers from x86 resulting in potential loss of control...7.9Jun 10, 2025
• CVE-2024-21981Improper key usage control in AMD Secure Processor (ASP) may allow an attacker with local access who has gained arbitrary code execution privilege in ASP to extract ASP cryptographic keys, potenti...5.7Aug 13, 2024
• CVE-2021-46772Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory r...3.9Aug 13, 2024
• CVE-2021-26387Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leadi...3.9Aug 13, 2024
• CVE-2021-26344An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker with access the ability to modify the BIOS image, and the ability to sign the resulting...7.2Aug 13, 2024