CVE-2021-46757

Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space potentially leading to privilege escalation.

Published: Feb 13, 2024
Updated: May 4, 2025
CVE: CVE-2021-46757
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
amd / ryzen_embedded_5950e_firmware	-	embam4pi_1.0.0.0
amd / ryzen_embedded_5900e_firmware	-	embam4pi_1.0.0.0
amd / ryzen_embedded_5800e_firmware	-	embam4pi_1.0.0.0
amd / ryzen_embedded_5600e_firmware	-	embam4pi_1.0.0.0
amd / ryzen_embedded_v2516_firmware	-	embeddedpi-fp6_1.0.0.6
amd / ryzen_embedded_v2546_firmware	-	embeddedpi-fp6_1.0.0.6
amd / ryzen_embedded_v2718_firmware	-	embeddedpi-fp6_1.0.0.6
amd / ryzen_embedded_v2748_firmware	-	embeddedpi-fp6_1.0.0.6
amd / ryzen_embedded_r2312_firmware	-	embeddedpi-fp6_1.0.0.6
amd / ryzen_embedded_r2314_firmware	-	embeddedpi-fp6_1.0.0.6

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001

Vulnerability Database

289,599

CVE-2021-46757