CVE-2024-36345 | AMD EPYC 4004 System Management Mode improper access control for volatile memory containing boot code

A vulnerability, which was classified as problematic, was found in AMD EPYC 4004, EPYC 4005, Ryzen 6000 Processors with Radeon Graphics, Ryzen 7040 Mobile Processors with Radeon Graphics, Ryzen 7045 Mobile Processors with Radeon Graphics, Ryzen 7000 Desktop Processors, Ryzen 9000HX Mobile Processors, Ryzen AI MAX, Ryzen AI 300 Processors, Ryzen Threadripper 7000 Processors, Ryzen Threadripper PRO 7000 WX-Series Processors, Ryzen 8000 Desktop Processors, Ryzen 9000 Desktop Processors, Ryzen 8040 Mobile Processors with Radeon Graphics, Ryzen Embedded 8000 Processors, Ryzen Embedded V3000 Processors, Ryzen Embedded 7000 Processors and Ryzen Embedded 9000 Processors. Affected by this vulnerability is an unknown functionality of the component System Management Mode. Such manipulation leads to improper access control for volatile memory containing boot code.

This vulnerability is referenced as CVE-2024-36345. The attack can only be performed from a local environment. No exploit is available.

You should upgrade the affected component.VulDB Recent EntriesRead More