Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-36347

CVSS 6.4 · Medium EPSS 0.03% · P7
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-36347

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
密码学签名的验证不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
AMD Processors 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
AMD Processors是美国超威半导体(AMD)公司的一款处理器。 AMD Processors存在安全漏洞,该漏洞源于微码签名验证绕过,可能导致攻击者提升权限。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
AMDAMD EPYC™ 7001 Series NaplesPI 1.0.0.P -
AMDAMD EPYC™ 7002 Series RomePI 1.0.0.L -
AMDAMD EPYC™ 7003 Series MilanPI 1.0.0.F -
AMDAMD EPYC™ 9004 Series Genoa 1.0.0.E -
AMDAMD EPYC™ 4004 Series ComboAM5PI1.0.0.a -
AMDAMD EPYC™ 9005 Series TurinPI 1.0.0.4 -
AMDAMD Instinct™ MI300A MI300PI_SR5 1.0.0.8 -
AMDAMD Ryzen™ 5000 Series Desktop Processors ComboAM4v2PI 1.2.0.E -
AMDAMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics ComboAM4v2PI 1.2.0.E -
AMDAMD Ryzen™ 3000 Series Desktop Processors ComboAM4PI 1.0.0.D -
AMDAMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics ComboAM4PI 1.0.0.D -
AMDAMD Ryzen™ 7000 Series Desktop Processors ComboAM5PI 1.0.0.a -
AMDAMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics ComboAM4v2PI 1.2.0.E -
AMDAMD Ryzen™ 8000 Series Processor with Radeon™ Graphics ComboAM5PI 1.1.0.3c -
AMDAMD Ryzen™ 9000 Series Desktop Processors ComboAM5PI 1.2.0.3c -
AMDAMD Ryzen™ Threadripper™ 3000 Series Processors CastlePeakPI-SP3r3 1.0.0.E -
AMDAMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors StormPeakPI-SP6 1.0.0.1k -
AMDAMD Ryzen™ Threadripper™ PRO 3000WX Series Processors ChagallWSPI-sWRX8 1.0.0.B -
AMDAMD Ryzen™ Threadripper™ PRO 5000WX- Series Desktop Processors ChagallWSPI-sWRX8 1.0.0.B -
AMDAMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics PicassoPI-FP5 1.0.1.2b -
AMDAMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics PicassoPI-FP5 1.0.1.2b -
AMDAMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics RenoirPI-FP6 1.0.0.Eb -
AMDAMD Ryzen™ 5000 Series Processors with Radeon™ Graphics CezannePI-FP6 1.0.1.1b -
AMDAMD Ryzen™ 7020 Series Processors with Radeon™ Graphics MendocinoPI-FT6 1.0.0.7b -
AMDAMD Ryzen™ 6000 Series Processor with Radeon™ Graphics RembrandtPI-FP7 1.0.0.Bb -
AMDAMD Ryzen™ 7035 Series Processor with Radeon™ Graphics RembrandtPI-FP7 1.0.0.Bb -
AMDAMD Ryzen™ 7000 Series Processors with Radeon™ Graphics CezannePI-FP6 1.0.1.1b -
AMDAMD Ryzen™ 7040 Series Processors with Radeon™ Graphics PhoenixPI-FP8-FP7 1.2.0.0 -
AMDAMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics PhoenixPI-FP8-FP7 1.2.0.0 -
AMDAMD Ryzen™ 7045 Series Mobile Processors DragonRangeFL1 1.0.0.3g -
AMDAMD Ryzen™ AI 300 Series StrixKrakenPI-FP8_1.1.0.0b -
AMDAMD Ryzen™ AI Max + StrixHaloPI-FP11_1.0.0.1 -
AMDAMD Ryzen™ 9000HX Series Mobile Processors FireRangeFL1PI 1.0.0.0a -
AMDAMD EPYC™ Embedded 3000 SnowyOwl PI 1.1.0.E -
AMDAMD EPYC™ Embedded 7002 EmbRomePI-SP3 1.0.0.D -
AMDAMD EPYC™ Embedded 7003 EmbMilan PI-SP3 1.0.0.A -
AMDAMD EPYC™ Embedded 8004 EmbGenoaPI-SP5 1.0.0.9 -
AMDAMD EPYC™ Embedded 9004 EmbGenoaPI-SP5 1.0.0.9 -
AMDAMD EPYC™ Embedded 97X4 EmbGenoaPI-SP5 1.0.0.9 -
AMDAMD Ryzen™ Embedded R1000 EmbeddedPI-FP5 1.2.0.F -
AMDAMD Ryzen™ Embedded R2000 EmbeddedR2KPI 1.0.0.5 -
AMDAMD Ryzen™ Embedded 5000 EmbAM4PI 1.0.0.7 -
AMDAMD Ryzen™ Embedded 7000 EmbeddedAM5PI 1.0.0.3 -
AMDAMD Ryzen™ Embedded V1000 EmbeddedPI-FP5 1.2.0.F -
AMDAMD Ryzen™Embedded V2000 EmbeddedPI-FP6 1.0.0.B -
AMDAMD Ryzen™Embedded V3000 EmbeddedPI-FP7R2 1.0.0.C -

II. Public POCs for CVE-2024-36347

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2024-36347

登录查看更多情报信息。

IV. Related Vulnerabilities

Same product: AMD EPYC™ 7001 Series
Same vendor: AMD
Same weakness: CWE-347

V. Comments for CVE-2024-36347

No comments yet

Leave a comment