Amd ryzen 3000 series desktop processors

This hub aggregates every CVE we track for Amd ryzen 3000 series desktop processors, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.

Hardware Firmware

CVEs tracked

Critical

High

In CISA KEV

Severity distribution

HIGH5MEDIUM3LOW1

Monthly trend

2024-072026-06

Latest CVEs

See all →

The 9 most recently published vulnerabilities affecting Amd ryzen 3000 series desktop processors.

CVE-2025-54518Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially re...7.0May 15, 2026
CVE-2025-54502Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resul...7.5Apr 16, 2026
CVE-2021-26410Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of th...5.2Feb 10, 2026
CVE-2021-26381Improper system call parameter validation in the Trusted OS may allow a malicious driver to perform mapping or unmapping operations on a large number of pages, potentially resulting in kernel memor...6.4Feb 10, 2026
CVE-2023-20518Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially res...1.9Aug 13, 2024
CVE-2022-23829A potential weakness in AMD SPI protection features may allow a malicious attacker with Ring0 (kernel mode) access to bypass the native System Management Mode (SMM) ROM protections.8.2Jun 18, 2024
CVE-2023-20569 A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled addres...4.7Aug 8, 2023
CVE-2023-20558 Insufficient control flow management in AmdCpmOemSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to an escalation of privileges. 8.8Mar 23, 2023
CVE-2023-20559 Insufficient control flow management in AmdCpmGpioInitSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to escalation of privileges. 8.8Mar 23, 2023

Product normalization is registry-driven with AI assist and human review. How it works