Amd ryzen™ embedded r1000

This hub aggregates every CVE we track for Amd ryzen™ embedded r1000, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Amd ryzen™ embedded r1000.

• CVE-2024-36347Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrit...6.4Jun 27, 2025
• CVE-2024-21971Improper input validation in AMD Crash Defender could allow an attacker to provide the Windows® system process ID to a kernel-mode driver, resulting in an operating system crash, potentially leadi...5.5Feb 12, 2025
• CVE-2023-31343Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.7.5Feb 11, 2025
• CVE-2023-31342Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.7.5Feb 11, 2025
• CVE-2023-20515Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability.5.7Feb 11, 2025
• CVE-2024-0179SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow locally authenticated attackers to overwrite SMRAM, potentially resulting in arbitrary code execution.8.2Feb 11, 2025
• CVE-2024-21925Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution.8.2Feb 11, 2025
• CVE-2022-23815Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution.7.5Aug 13, 2024
• CVE-2023-31315Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code...7.5Aug 9, 2024
• CVE-2022-23829A potential weakness in AMD SPI protection features may allow a malicious attacker with Ring0 (kernel mode) access to bypass the native System Management Mode (SMM) ROM protections.8.2Jun 18, 2024
• CVE-2023-20563Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access. 7.8Nov 14, 2023
• CVE-2022-23821Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution. 9.8Nov 14, 2023
• CVE-2023-20521TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial ...3.3Nov 14, 2023
• CVE-2021-46754Insufficient input validation in the ASP (AMD Secure Processor) bootloader may allow an attacker with a compromised Uapp or ABL to coerce the bootloader into exposing sensitive information to the S...9.1May 9, 2023
• CVE-2021-26392Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loadin...7.8Nov 9, 2022