Amd epyc embedded 9004

This hub aggregates every CVE we track for Amd epyc embedded 9004, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Amd epyc embedded 9004.

• CVE-2023-20585Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting ...5.3Apr 16, 2026
• CVE-2025-52536Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity.6.0Feb 10, 2026
• CVE-2025-29943Write what were condition within AMD CPUs may allow an admin-privileged attacker to modify the configuration of the CPU pipeline potentially resulting in the corruption of the stack pointer inside ...3.2Jan 16, 2026
• CVE-2025-0033Improper access control within AMD SEV-SNP could allow an admin privileged attacker to write to the RMP during SNP initialization, potentially resulting in a loss of SEV-SNP guest memory integrity.6.0Oct 14, 2025
• CVE-2024-36357A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boun...5.6Jul 8, 2025
• CVE-2024-36350A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.5.6Jul 8, 2025
• CVE-2024-36348A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in informatio...3.8Jul 8, 2025
• CVE-2024-36349A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.3.8Jul 8, 2025
• CVE-2024-36347Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrit...6.4Jun 27, 2025
• CVE-2023-31345Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.7.5Feb 11, 2025
• CVE-2023-31352A bug in the SEV firmware may allow an attacker with privileges to read unencrypted memory, potentially resulting in loss of guest private data.6.0Feb 11, 2025
• CVE-2023-31343Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.7.5Feb 11, 2025
• CVE-2023-31342Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.7.5Feb 11, 2025
• CVE-2023-20582Improper handling of invalid nested page table entries in the IOMMU may allow a privileged attacker to induce page table entry (PTE) faults to bypass RMP checks in SEV-SNP, potentially leading to a...5.3Feb 11, 2025
• CVE-2023-20581Improper access control in the IOMMU may allow a privileged attacker to bypass RMP checks, potentially leading to a loss of guest memory integrity.2.5Feb 11, 2025