Description
Improper key usage control in AMD Secure Processor (ASP) may allow an attacker with local access who has gained arbitrary code execution privilege in ASP to extract ASP cryptographic keys, potentially resulting in loss of confidentiality and integrity.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
High
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None
Affected products
- AMD / AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphicsvarious – various
- AMD / AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphicsvarious – various
- AMD / AMD EPYC™ 7001 Series Processorsvarious – various
- AMD / AMD EPYC™ 7002 Series Processorsvarious – various
- AMD / AMD EPYC™ 7003 Series Processorsvarious – various
- AMD / AMD EPYC™ Embedded 3000 Series Processorsvarious – various
- AMD / AMD EPYC™ Embedded 7002 Series Processorsvarious – various
- AMD / AMD EPYC™ Embedded 7003 Series Processorsvarious – various
- AMD / AMD Ryzen™ 3000 Series Desktop Processorsvarious – various
- AMD / AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphicsvarious – various
- AMD / AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphicsvarious – various
- AMD / AMD Ryzen™ 5000 Series Desktop Processorsvarious – various
- AMD / AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphicsvarious – various
- AMD / AMD Ryzen™ Embedded 5000 Series Processorsvarious – various
- AMD / AMD Ryzen™ Embedded R1000 Series Processorsvarious – various
- AMD / AMD Ryzen™ Embedded R2000 Series Processorsvarious – various
- AMD / AMD Ryzen™ Embedded V1000 Series Processorsvarious – various
- AMD / AMD Ryzen™ Threadripper™ 3000 Series Processorsvarious – various
- AMD / AMD Ryzen™ Threadripper™ PRO 3000WX Series Processorsvarious – various
- AMD / AMD Ryzen™ Threadripper™ PRO 5000WX Processorsvarious – various