Amd epyc™ embedded 9004 series processors (formerly codenamed "genoa")

This hub aggregates every CVE we track for Amd epyc™ embedded 9004 series processors (formerly codenamed "genoa"), a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 7 most recently published vulnerabilities affecting Amd epyc™ embedded 9004 series processors (formerly codenamed "genoa").

• CVE-2025-54502Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resul...7.5Apr 16, 2026
• CVE-2024-36355Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 (sleep) wake up, potentially resulting in arbitrary code ex...5.3Feb 10, 2026
• CVE-2024-36310Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially resulting in loss of confidentiality or i...3.4Feb 10, 2026
• CVE-2025-48514Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality.3.2Feb 10, 2026
• CVE-2025-48509Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memo...2.5Feb 10, 2026
• CVE-2025-52536Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity.6.0Feb 10, 2026
• CVE-2025-29934A bug within some AMD CPUs could allow a local admin-privileged attacker to run a SEV-SNP guest using stale TLB entries, potentially resulting in loss of data integrity.5.3Nov 21, 2025