CVE-2021-26360

Published: Nov 9, 2022Modified: May 1, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

An attacker with local access to the system can make unauthorized modifications of the security configuration of the SOC registers. This could allow potential corruption of AMD secure processor’s encrypted memory contents which may lead to arbitrary code execution in ASP.

Affected (3)

Products: Amd: Enterprise Driver, Radeon Pro Software, Radeon Software

3 products

Configuration A

3 vulnerable · 33 platform

Vulnerable Software	Affected Versions
Amd Enterprise Driver	Before 22.10.20
Amd Radeon Pro Software	Before 22.q2
Amd Radeon Software	Before 22.5.2

Running on/with	Platform Versions
Amd Radeon Pro W6300m	All versions
Amd Radeon Pro W6400	All versions
Amd Radeon Pro W6500m	All versions
Amd Radeon Pro W6600	All versions
Amd Radeon Pro W6600m	All versions
Amd Radeon Pro W6600x	All versions
Amd Radeon Pro W6800	All versions
Amd Radeon Pro W6800x	All versions
Amd Radeon Pro W6800x Duo	All versions
Amd Radeon Pro W6900x	All versions
Amd Radeon Rx 6300m	All versions
Amd Radeon Rx 6400	All versions
Amd Radeon Rx 6500 Xt	All versions
Amd Radeon Rx 6500m	All versions
Amd Radeon Rx 6600	All versions
Amd Radeon Rx 6600 Xt	All versions
Amd Radeon Rx 6600m	All versions
Amd Radeon Rx 6600s	All versions
Amd Radeon Rx 6650 Xt	All versions
Amd Radeon Rx 6650m	All versions
Amd Radeon Rx 6650m Xt	All versions
Amd Radeon Rx 6700	All versions
Amd Radeon Rx 6700 Xt	All versions
Amd Radeon Rx 6700m	All versions
Amd Radeon Rx 6700s	All versions
Amd Radeon Rx 6750 Xt	All versions
Amd Radeon Rx 6800	All versions
Amd Radeon Rx 6800 Xt	All versions
Amd Radeon Rx 6800m	All versions
Amd Radeon Rx 6800s	All versions
Amd Radeon Rx 6850m Xt	All versions
Amd Radeon Rx 6900 Xt	All versions
Amd Radeon Rx 6950 Xt	All versions

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029

Source: psirt@amd.com

Vendor Advisory

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1029

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.