Amd epyc embedded 7002
This hub aggregates every CVE we track for Amd epyc embedded 7002, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.
9
CVEs tracked
0
Critical
5
High
0
In CISA KEV
Severity distribution
HIGH5LOW2MEDIUM2
Monthly trend
0
0
0
0
0
0
0
2
0
0
0
1
2
0
0
0
0
0
0
2
0
1
0
0
2024-072026-06
Latest CVEs
The 9 most recently published vulnerabilities affecting Amd epyc embedded 7002.
- CVE-2025-54502Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resul...7.5
- CVE-2024-21961Improper restriction of operations within the bounds of a memory buffer in PCIe® Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service atta...6.3
- CVE-2025-52533Improper Access Control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data confidentiality or integrity.7.7
- CVE-2024-36348A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in informatio...3.8
- CVE-2024-36349A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.3.8
- CVE-2024-36347Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrit...6.4
- CVE-2024-21925Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution.8.2
- CVE-2024-21924SMM callout vulnerability within the AmdPlatformRasSspSmm driver could allow a ring 0 attacker to modify boot services handlers, potentially resulting in arbitrary code execution.8.2
- CVE-2022-23829A potential weakness in AMD SPI protection features may allow a malicious attacker with Ring0 (kernel mode) access to bypass the native System Management Mode (SMM) ROM protections.8.2
Product normalization is registry-driven with AI assist and human review. How it works