Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-21970

CVSS 4.4 · Medium EPSS 0.02% · P4
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-21970

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a loss of integrity.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
对数组索引的验证不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
AMD Embedded Processors和AMD Client Processor 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
AMD Embedded Processors和AMD Client Processor都是美国超威半导体(AMD)公司的产品。AMD Embedded Processors是一系列嵌入式高性能 GPU。AMD Client Processor是面向客户端设备(如个人电脑、笔记本电脑等)的处理器。 AMD Embedded Processors和AMD Client Processor存在安全漏洞,该漏洞源于数组索引验证不足,可能导致AGESA内存损坏和完整性损失。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
AMDAMD Ryzen™ Threadripper™ 3000 Processors CastlePeakPI-SP3r3 1.0.0.C -
AMDAMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors ChagallWSPI-sWRX8-1.0.0.9 -
AMDAMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors CastlePeakWSPI-sWRX8 1.0.0.E -
AMDAMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Picasso-FP5 1.0.1.2 -
AMDRenoir Cezanne Raven Ridge Raven Ridge 2 Picasso Summit Pinnacle Ridge Matisse Vermeer ComboAM4v2PI_1.2.0.D -
AMDAMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics ComboAM4PI_1.0.0.F -
AMDAMD Ryzen™ 8000 Series Desktop Processors ComboAM5 1.2.0.0 -
AMDAMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics RenoirPI-FP6_1.0.0.E -
AMDAMD Ryzen™ 6000 Series Processors with Radeon™ Graphics RembrandtPI-FP7_1.0.0.B -
AMDAMD Ryzen™ 7020 Series Processors with Radeon™ Graphics MendocinoPI-FT6_1.0.0.6 -
AMDAMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics DragonRangeFL1 1.0.0.3d -
AMDAMD Ryzen™ 7035 Series Processors with Radeon™ Graphics RembrandtPI-FP7_1.0.0.B -
AMDAMD Ryzen™ 7000 Series Desktop Processors ComboAM5 1.2.0.0 -
AMDAMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics CezannePI-FP6_1.0.1.1 -
AMDAMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics CezannePI-FP6_1.0.1.1 -
AMDAMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics Picasso-FP5 1.0.1.2 -
AMDAMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Picasso-FP5 1.0.1.2 -
AMDAMD Ryzen™ 3000 Series Desktop Processors ComboAM4PI_1.0.0.F -
AMDAMD Ryzen™ 5000 Series Desktop Processors ComboAM4PI_1.0.0.F -
AMDAMD Ryzen™ Embedded R1000 Series Processors EmbeddedPI-FP5 1.2.0.E -
AMDAMD Ryzen™ Embedded R2000 Series Processors EmbeddedR2KPI-FP5 1005 -
AMDAMD Ryzen™ Embedded 7000 Series Processors EmbeddedAM5PI 1.0.0.3 -
AMDAMD Ryzen™ Embedded 5000 Series Processors EmbAM4PI 1.0.0.7 -
AMDAMD Ryzen™ Embedded V1000 Series Processors EmbeddedPI-FP5 1.2.0.E -
AMDAMD Ryzen™ Embedded V2000 Series Processors EmbeddedPI-FP6_1.0.0.B -
AMDAMD Ryzen™ Embedded V3000 Series Processors Embedded-PI_FP7r2 100A -

II. Public POCs for CVE-2024-21970

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2024-21970

登录查看更多情报信息。

Same Patch Batch · AMD · 2025-09-06 · 23 CVEs total

CVE-2024-363428.8 HIGHAMD Graphics Driver和AMD Embedded Processors 安全漏洞
CVE-2023-313228.7 HIGHAMD Graphics Driver 安全漏洞
CVE-2024-363268.4 HIGHAMD Client Processor 安全漏洞
CVE-2024-363528.4 HIGHAMD Graphics Driver 安全漏洞
CVE-2024-219477.5 HIGHAMD Embedded Processors和AMD Client Processor 安全漏洞
CVE-2024-363547.5 HIGHAMD多款产品 安全漏洞
CVE-2025-00327.2 HIGHAMD多款产品 安全漏洞
CVE-2023-313257.2 HIGHAMD Graphics Driver和AMD Client Processor 安全漏洞
CVE-2025-00106.1 MEDIUMAMD Graphics Driver 安全漏洞
CVE-2024-363466.0 MEDIUMAMD Graphics Driver 安全漏洞
CVE-2025-00095.5 MEDIUMAMD Graphics Driver 安全漏洞
CVE-2023-313515.3 MEDIUMAMD Embedded Processors和AMD Server Processor 安全漏洞
CVE-2025-00344.7 MEDIUMAMD Graphics Driver 安全漏洞
CVE-2021-263774.1 MEDIUMAMD多款产品 安全漏洞
CVE-2023-313653.9 LOWAMD Graphics Driver 安全漏洞
CVE-2025-00113.3 LOWAMD Graphics Driver 安全漏洞
CVE-2023-313063.3 LOWAMD Graphics Driver 安全漏洞
CVE-2023-205163.3 LOWAMD Graphics Driver 安全漏洞
CVE-2024-363313.2 LOWAMD Embedded Processors和AMD Server Processor 安全漏洞
CVE-2021-467503.0 LOWAMD Graphics Driver、AMD Embedded Processors和AMD Client Processor 安全漏洞

Showing top 20 of 23 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: AMD Ryzen™ Threadripper™ 3000 Processors
Same vendor: AMD
Same weakness: CWE-129

V. Comments for CVE-2024-21970

No comments yet

Leave a comment