Vulnerability Details : CVE-2021-46773
Insufficient input validation in ABL may enable
a privileged attacker to corrupt ASP memory, potentially resulting in a loss of
integrity or code execution.
Vulnerability category: Input validation
Products affected by CVE-2021-46773
- cpe:2.3:o:amd:ryzen_5950x_firmware:cezannepi-fp6_1.0.0.b:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5800x3d_firmware:cezannepi-fp6_1.0.0.b:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5900x_firmware:cezannepi-fp6_1.0.0.b:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5800x_firmware:cezannepi-fp6_1.0.0.b:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5600x_firmware:cezannepi-fp6_1.0.0.b:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5700g_firmware:cezannepi-fp6_1.0.0.b:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5600g_firmware:cezannepi-fp6_1.0.0.b:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5700ge_firmware:cezannepi-fp6_1.0.0.b:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5600ge_firmware:cezannepi-fp6_1.0.0.b:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5300g_firmware:cezannepi-fp6_1.0.0.b:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5300ge_firmware:cezannepi-fp6_1.0.0.b:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5500_firmware:cezannepi-fp6_1.0.0.b:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5600_firmware:cezannepi-fp6_1.0.0.b:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5700x_firmware:cezannepi-fp6_1.0.0.b:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5800_firmware:cezannepi-fp6_1.0.0.b:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5900_firmware:cezannepi-fp6_1.0.0.b:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5945wx_firmware:cezannepi-fp6_1.0.0.b:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5955wx_firmware:cezannepi-fp6_1.0.0.b:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5965wx_firmware:cezannepi-fp6_1.0.0.b:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5975wx_firmware:cezannepi-fp6_1.0.0.b:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_5995wx_firmware:cezannepi-fp6_1.0.0.b:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3100_firmware:comboam4pi_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3100_firmware:comboam4v2_pi_1.2.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3100_firmware:renoirpi-fp6_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3300x_firmware:comboam4pi_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3300x_firmware:comboam4v2_pi_1.2.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3300x_firmware:renoirpi-fp6_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3500_firmware:comboam4pi_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3500_firmware:comboam4v2_pi_1.2.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3500_firmware:renoirpi-fp6_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3500x_firmware:comboam4pi_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3500x_firmware:comboam4v2_pi_1.2.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3500x_firmware:renoirpi-fp6_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3600_firmware:comboam4pi_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3600_firmware:comboam4v2_pi_1.2.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3600_firmware:renoirpi-fp6_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3600x_firmware:comboam4pi_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3600x_firmware:comboam4v2_pi_1.2.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3600x_firmware:renoirpi-fp6_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3600xt_firmware:comboam4pi_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3600xt_firmware:comboam4v2_pi_1.2.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3600xt_firmware:renoirpi-fp6_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3800x_firmware:comboam4pi_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3800x_firmware:comboam4v2_pi_1.2.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3800x_firmware:renoirpi-fp6_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3800xt_firmware:comboam4pi_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3800xt_firmware:comboam4v2_pi_1.2.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3800xt_firmware:renoirpi-fp6_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3900_firmware:comboam4pi_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3900_firmware:comboam4v2_pi_1.2.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3900_firmware:renoirpi-fp6_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3900x_firmware:comboam4pi_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3900x_firmware:comboam4v2_pi_1.2.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3900x_firmware:renoirpi-fp6_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3900xt_firmware:comboam4pi_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3900xt_firmware:comboam4v2_pi_1.2.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3900xt_firmware:renoirpi-fp6_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3950x_firmware:comboam4pi_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3950x_firmware:comboam4v2_pi_1.2.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_3950x_firmware:renoirpi-fp6_1.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_1200_\(af\)_firmware:pinnaclepi-am4_1.0.0.c:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_1200_\(af\)_firmware:raven-fp5-am4_1.1.0.e:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_1600_\(af\)_firmware:pinnaclepi-am4_1.0.0.c:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_1600_\(af\)_firmware:raven-fp5-am4_1.1.0.e:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2200g_firmware:pinnaclepi-am4_1.0.0.c:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2200g_firmware:raven-fp5-am4_1.1.0.e:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2200ge_firmware:pinnaclepi-am4_1.0.0.c:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2200ge_firmware:raven-fp5-am4_1.1.0.e:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2300x_firmware:pinnaclepi-am4_1.0.0.c:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2300x_firmware:raven-fp5-am4_1.1.0.e:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2400g_firmware:pinnaclepi-am4_1.0.0.c:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2400g_firmware:raven-fp5-am4_1.1.0.e:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2400ge_firmware:pinnaclepi-am4_1.0.0.c:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2400ge_firmware:raven-fp5-am4_1.1.0.e:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2500x_firmware:pinnaclepi-am4_1.0.0.c:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2500x_firmware:raven-fp5-am4_1.1.0.e:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2600_firmware:pinnaclepi-am4_1.0.0.c:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2600_firmware:raven-fp5-am4_1.1.0.e:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2600e_firmware:pinnaclepi-am4_1.0.0.c:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2600e_firmware:raven-fp5-am4_1.1.0.e:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2600x_firmware:pinnaclepi-am4_1.0.0.c:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2600x_firmware:raven-fp5-am4_1.1.0.e:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2700_firmware:pinnaclepi-am4_1.0.0.c:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2700_firmware:raven-fp5-am4_1.1.0.e:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2700e_firmware:pinnaclepi-am4_1.0.0.c:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2700e_firmware:raven-fp5-am4_1.1.0.e:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2700x_firmware:pinnaclepi-am4_1.0.0.c:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2700x_firmware:raven-fp5-am4_1.1.0.e:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2920x_firmware:pinnaclepi-am4_1.0.0.c:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2920x_firmware:raven-fp5-am4_1.1.0.e:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2950x_firmware:pinnaclepi-am4_1.0.0.c:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2950x_firmware:raven-fp5-am4_1.1.0.e:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2970wx_firmware:pinnaclepi-am4_1.0.0.c:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2970wx_firmware:raven-fp5-am4_1.1.0.e:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2990wx_firmware:pinnaclepi-am4_1.0.0.c:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_2990wx_firmware:raven-fp5-am4_1.1.0.e:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_pro_2100ge_firmware:pinnaclepi-am4_1.0.0.c:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_pro_2100ge_firmware:raven-fp5-am4_1.1.0.e:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_6600h_firmware:rembrandtpi-fp7_1.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_6600hs_firmware:rembrandtpi-fp7_1.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_6600u_firmware:rembrandtpi-fp7_1.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_6800h_firmware:rembrandtpi-fp7_1.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_6800hs_firmware:rembrandtpi-fp7_1.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_6800u_firmware:rembrandtpi-fp7_1.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_6900hs_firmware:rembrandtpi-fp7_1.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_6900hx_firmware:rembrandtpi-fp7_1.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_6980hs_firmware:rembrandtpi-fp7_1.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:o:amd:ryzen_6980hx_firmware:rembrandtpi-fp7_1.0.0.5:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-46773
0.10%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 43 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-46773
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
8.8
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
CWE ids for CVE-2021-46773
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2021-46773
-
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001
Access DeniedVendor Advisory
Jump to