Amd Epyc Embedded 7002 Series Processors vulnerabilities

CVE-2025-52533 [HIGH] CWE-1191 CVE-2025-52533: Improper Access Control in an on-chip debug interface could allow a privileged attacker to enable a Improper Access Control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data confidentiality or integrity.

CVE-2024-36349 [LOW] CWE-1420 CVE-2024-36349: A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.

CVE-2024-36348 [LOW] CWE-1420 CVE-2024-36348: A transient execution vulnerability in some AMD processors may allow a user process to infer the con A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in information leakage.

CVE-2021-46746 [MEDIUM] CWE-120 CVE-2021-46746: Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing keys to c006Frrupt the return address, causing a stack-based buffer overrun, potentially leading to a denial of service.

CVE-2024-21981 [MEDIUM] CWE-639 CVE-2024-21981: Improper key usage control in AMD Secure Processor (ASP) may allow an attacker with local access who Improper key usage control in AMD Secure Processor (ASP) may allow an attacker with local access who has gained arbitrary code execution privilege in ASP to extract ASP cryptographic keys, potentially resulting in loss of confidentiality and integrity.

CVE-2021-26387 [LOW] CWE-863 CVE-2021-26387: Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signin Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity.