CVE-2021-26402

EPSS 0.05% · P17 Updated Apr 09, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-26402

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Insufficient bounds checking in ASP (AMD Secure Processor) firmware while handling BIOS mailbox commands, may allow an attacker to write partially-controlled data out-of-bounds to SMM or SEV-ES regions which may lead to a potential loss of integrity and availability.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

AMD Secure Processor 缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

AMD Secure Processor（ASP）是美国超威半导体（AMD）公司的一款独立的 ARM Coretex-A5 芯片。 ASP (AMD Secure Processor)存在安全漏洞，该漏洞源于边界检查不足。攻击者利用该漏洞将部分控制的数据写入SMM或SEV-ES区域，从而导致潜在的完整性和可用性损失。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
AMD	2nd Gen EPYC	Various	-
AMD	3rd Gen EPYC	various	-

II. Public POCs for CVE-2021-26402

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-26402

请登录查看更多情报信息。

Same Patch Batch · AMD · 2023-01-10 · 14 CVEs total

CVE-2023-20530		AMD System Management Unit(SMU) 输入验证错误漏洞
CVE-2023-20527		AMD Secure Processor(ASP) 输入验证错误漏洞
CVE-2022-23814		多款AMD产品输入验证错误漏洞
CVE-2021-46791		AMD System Management Mode 缓冲区错误漏洞
CVE-2021-46779		AMD Secure Processor 缓冲区错误漏洞
CVE-2021-26409		AMD Secure Encrypted Virtualization 安全漏洞
CVE-2021-26404		AMD Secure Encrypted Virtualization (SEV) 输入验证错误漏洞
CVE-2021-26403		AMD Secure Encrypted Virtualization (SEV) 安全漏洞
CVE-2021-26398		AMD Secure Processor 缓冲区错误漏洞
CVE-2021-26396		AMD Secure Processor 数据伪造问题漏洞
CVE-2021-26355		AMD System Management Unit (SMU) 资源管理错误漏洞
CVE-2021-26343		AMD Secure Processor 安全漏洞
CVE-2021-26328		AMD Secure Processor 安全漏洞

IV. Related Vulnerabilities

Same product: 2nd Gen EPYC

Same vendor: AMD

V. Comments for CVE-2021-26402

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-26402

I. Basic Information for CVE-2021-26402

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-26402

III. Intelligence Information for CVE-2021-26402

Same Patch Batch · AMD · 2023-01-10 · 14 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-26402

Leave a comment