CVE-2021-46773

high-risk
Published 2023-05-09

Insufficient input validation in ABL may enable a privileged attacker to corrupt ASP memory, potentially resulting in a loss of integrity or code execution.

Do I need to act?

-
0.22% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10 High
NETWORK / LOW complexity

Affected Products (20)

Ryzen 6600H Firmware
Ryzen 6600Hs Firmware
Ryzen 6600U Firmware
Ryzen 6800H Firmware
Ryzen 6800Hs Firmware
Ryzen 6800U Firmware
Ryzen 6900Hs Firmware
Ryzen 6900Hx Firmware
Ryzen 6980Hs Firmware
Ryzen 6980Hx Firmware
Ryzen 5300G Firmware
Ryzen 5300Ge Firmware
Ryzen 5500 Firmware
Ryzen 5600 Firmware
Ryzen 5600G Firmware
Ryzen 5600Ge Firmware
Ryzen 5600X Firmware
Ryzen 5700G Firmware
Ryzen 5700Ge Firmware
Ryzen 5700X Firmware

Affected Vendors

Amd

References (2)

Vendor Advisory https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001
Vendor Advisory https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001
61
/ 100
high-risk
Severity 30/34 · Critical
Exploitability 1/34 · Minimal
Exposure 30/34 · Critical