CVE-2021-26317

7.8 HIGH

Remote Code Execution

📋 TL;DR

This vulnerability in AMD System Management Mode (SMM) allows attackers to bypass protocol verification and modify SPI flash memory. This could lead to arbitrary code execution with SMM privileges, affecting systems with vulnerable AMD processors.

💻 Affected Systems

Products:

• AMD Ryzen, EPYC, Athlon processors with AMD Secure Processor

Versions: Various firmware versions prior to patched releases

Operating Systems: All operating systems running on affected hardware

Default Config Vulnerable: ⚠️ Yes

Notes: Requires local access or ability to execute code on the system. Affects systems with AMD Secure Processor technology.

📦 What is this software?

Athlon 3050ge Firmware by Amd

View all CVEs affecting Athlon 3050ge Firmware →

Athlon 3150g Firmware by Amd

View all CVEs affecting Athlon 3150g Firmware →

Athlon 3150ge Firmware by Amd

View all CVEs affecting Athlon 3150ge Firmware →

Radeon Software by Amd

View all CVEs affecting Radeon Software →

Ryzen 3 2200u Firmware by Amd

View all CVEs affecting Ryzen 3 2200u Firmware →

Ryzen 3 2300u Firmware by Amd

View all CVEs affecting Ryzen 3 2300u Firmware →

Ryzen 3 3100 Firmware by Amd

View all CVEs affecting Ryzen 3 3100 Firmware →

Ryzen 3 3300g Firmware by Amd

View all CVEs affecting Ryzen 3 3300g Firmware →

Ryzen 3 3300x Firmware by Amd

View all CVEs affecting Ryzen 3 3300x Firmware →

Ryzen 3 5125c Firmware by Amd

View all CVEs affecting Ryzen 3 5125c Firmware →

Ryzen 3 5400u Firmware by Amd

View all CVEs affecting Ryzen 3 5400u Firmware →

Ryzen 3 5425c Firmware by Amd

View all CVEs affecting Ryzen 3 5425c Firmware →

Ryzen 3 5425u Firmware by Amd

View all CVEs affecting Ryzen 3 5425u Firmware →

Ryzen 5 2500u Firmware by Amd

View all CVEs affecting Ryzen 5 2500u Firmware →

Ryzen 5 2600 Firmware by Amd

View all CVEs affecting Ryzen 5 2600 Firmware →

Ryzen 5 2600h Firmware by Amd

View all CVEs affecting Ryzen 5 2600h Firmware →

Ryzen 5 2600x Firmware by Amd

View all CVEs affecting Ryzen 5 2600x Firmware →

Ryzen 5 3400g Firmware by Amd

View all CVEs affecting Ryzen 5 3400g Firmware →

Ryzen 5 3450g Firmware by Amd

View all CVEs affecting Ryzen 5 3450g Firmware →

Ryzen 5 3600 Firmware by Amd

View all CVEs affecting Ryzen 5 3600 Firmware →

Ryzen 5 3600x Firmware by Amd

View all CVEs affecting Ryzen 5 3600x Firmware →

Ryzen 5 5560u Firmware by Amd

View all CVEs affecting Ryzen 5 5560u Firmware →

Ryzen 5 5600h Firmware by Amd

View all CVEs affecting Ryzen 5 5600h Firmware →

Ryzen 5 5600hs Firmware by Amd

View all CVEs affecting Ryzen 5 5600hs Firmware →

Ryzen 5 5600u Firmware by Amd

View all CVEs affecting Ryzen 5 5600u Firmware →

Ryzen 5 5600x Firmware by Amd

View all CVEs affecting Ryzen 5 5600x Firmware →

Ryzen 5 5625c Firmware by Amd

View all CVEs affecting Ryzen 5 5625c Firmware →

Ryzen 5 5625u Firmware by Amd

View all CVEs affecting Ryzen 5 5625u Firmware →

Ryzen 5 5700g Firmware by Amd

View all CVEs affecting Ryzen 5 5700g Firmware →

Ryzen 5 5700ge Firmware by Amd

View all CVEs affecting Ryzen 5 5700ge Firmware →

Ryzen 5300g Firmware by Amd

View all CVEs affecting Ryzen 5300g Firmware →

Ryzen 5300ge Firmware by Amd

View all CVEs affecting Ryzen 5300ge Firmware →

Ryzen 5600g Firmware by Amd

View all CVEs affecting Ryzen 5600g Firmware →

Ryzen 5600ge Firmware by Amd

View all CVEs affecting Ryzen 5600ge Firmware →

Ryzen 5600x Firmware by Amd

View all CVEs affecting Ryzen 5600x Firmware →

Ryzen 5700g Firmware by Amd

View all CVEs affecting Ryzen 5700g Firmware →

Ryzen 5700ge Firmware by Amd

View all CVEs affecting Ryzen 5700ge Firmware →

Ryzen 5800x Firmware by Amd

View all CVEs affecting Ryzen 5800x Firmware →

Ryzen 5800x3d Firmware by Amd

View all CVEs affecting Ryzen 5800x3d Firmware →

Ryzen 5900x Firmware by Amd

View all CVEs affecting Ryzen 5900x Firmware →

Ryzen 5950x Firmware by Amd

View all CVEs affecting Ryzen 5950x Firmware →

Ryzen 7 2700 Firmware by Amd

View all CVEs affecting Ryzen 7 2700 Firmware →

Ryzen 7 2700u Firmware by Amd

View all CVEs affecting Ryzen 7 2700u Firmware →

Ryzen 7 2700x Firmware by Amd

View all CVEs affecting Ryzen 7 2700x Firmware →

Ryzen 7 2800h Firmware by Amd

View all CVEs affecting Ryzen 7 2800h Firmware →

Ryzen 7 3700x Firmware by Amd

View all CVEs affecting Ryzen 7 3700x Firmware →

Ryzen 7 3800x Firmware by Amd

View all CVEs affecting Ryzen 7 3800x Firmware →

Ryzen 7 5800h Firmware by Amd

View all CVEs affecting Ryzen 7 5800h Firmware →

Ryzen 7 5800hs Firmware by Amd

View all CVEs affecting Ryzen 7 5800hs Firmware →

Ryzen 7 5800u Firmware by Amd

View all CVEs affecting Ryzen 7 5800u Firmware →

Ryzen 7 5825c Firmware by Amd

View all CVEs affecting Ryzen 7 5825c Firmware →

Ryzen 7 5825u Firmware by Amd

View all CVEs affecting Ryzen 7 5825u Firmware →

Ryzen 9 3900x Firmware by Amd

View all CVEs affecting Ryzen 9 3900x Firmware →

Ryzen 9 3950x Firmware by Amd

View all CVEs affecting Ryzen 9 3950x Firmware →

Ryzen 9 5900hs Firmware by Amd

View all CVEs affecting Ryzen 9 5900hs Firmware →

Ryzen 9 5900hx Firmware by Amd

View all CVEs affecting Ryzen 9 5900hx Firmware →

Ryzen 9 5980hs Firmware by Amd

View all CVEs affecting Ryzen 9 5980hs Firmware →

Ryzen 9 5980hx Firmware by Amd

View all CVEs affecting Ryzen 9 5980hx Firmware →

Ryzen Threadripper 2920x Firmware by Amd

View all CVEs affecting Ryzen Threadripper 2920x Firmware →

Ryzen Threadripper 2950x Firmware by Amd

View all CVEs affecting Ryzen Threadripper 2950x Firmware →

Ryzen Threadripper 2970wx Firmware by Amd

View all CVEs affecting Ryzen Threadripper 2970wx Firmware →

Ryzen Threadripper 2990wx Firmware by Amd

View all CVEs affecting Ryzen Threadripper 2990wx Firmware →

Ryzen Threadripper 3960x Firmware by Amd

View all CVEs affecting Ryzen Threadripper 3960x Firmware →

Ryzen Threadripper 3970x Firmware by Amd

View all CVEs affecting Ryzen Threadripper 3970x Firmware →

Ryzen Threadripper 3990x Firmware by Amd

View all CVEs affecting Ryzen Threadripper 3990x Firmware →

Ryzen Threadripper Pro 3945wx Firmware by Amd

View all CVEs affecting Ryzen Threadripper Pro 3945wx Firmware →

Ryzen Threadripper Pro 3955wx Firmware by Amd

View all CVEs affecting Ryzen Threadripper Pro 3955wx Firmware →

Ryzen Threadripper Pro 3975wx Firmware by Amd

View all CVEs affecting Ryzen Threadripper Pro 3975wx Firmware →

Ryzen Threadripper Pro 3995wx Firmware by Amd

View all CVEs affecting Ryzen Threadripper Pro 3995wx Firmware →

Ryzen Threadripper Pro 5945wx Firmware by Amd

View all CVEs affecting Ryzen Threadripper Pro 5945wx Firmware →

Ryzen Threadripper Pro 5955wx Firmware by Amd

View all CVEs affecting Ryzen Threadripper Pro 5955wx Firmware →

Ryzen Threadripper Pro 5965wx Firmware by Amd

View all CVEs affecting Ryzen Threadripper Pro 5965wx Firmware →

Ryzen Threadripper Pro 5975wx Firmware by Amd

View all CVEs affecting Ryzen Threadripper Pro 5975wx Firmware →

Ryzen Threadripper Pro 5995wx Firmware by Amd

View all CVEs affecting Ryzen Threadripper Pro 5995wx Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise with SMM-level privileges allowing persistent malware installation, firmware modification, and bypass of security controls.

🟠

Likely Case

Local privilege escalation to SMM level allowing attackers to install persistent backdoors, modify firmware, and bypass security mechanisms.

🟢

If Mitigated

Limited impact if proper firmware validation and secure boot are enabled, though SMM access remains a serious concern.

🌐 Internet-Facing: LOW

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: HIGH

Exploitation requires local access and sophisticated knowledge of SMM and firmware internals. No public exploits known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: AMD AGESA firmware updates (specific versions vary by OEM)

Vendor Advisory: https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027

Restart Required: Yes

Instructions:

1. Check with your system/OEM manufacturer for BIOS/UEFI firmware updates. 2. Download appropriate firmware update. 3. Apply firmware update following manufacturer instructions. 4. Reboot system to complete installation.

🔧 Temporary Workarounds

Enable Secure Boot

all

Secure Boot helps prevent unauthorized firmware/OS modifications

Implement Firmware Write Protection

all

Enable BIOS/UEFI write protection features if available

🧯 If You Can't Patch

• Restrict physical and administrative access to vulnerable systems
• Implement strict endpoint security controls and monitoring for suspicious firmware access attempts

🔍 How to Verify

Check if Vulnerable:

Copy

Check BIOS/UEFI firmware version against OEM/AMD security advisories. Use 'wmic bios get smbiosbiosversion' on Windows or 'dmidecode -t bios' on Linux.

Check Version:

Copy

Windows: wmic bios get smbiosbiosversion | Linux: sudo dmidecode -t bios | grep Version

Verify Fix Applied:

Copy

Verify BIOS/UEFI firmware version matches patched version from OEM/AMD advisory. Check that firmware update was successfully applied.

📡 Detection & Monitoring

Log Indicators:

• Unexpected firmware update attempts
• SMM access violations
• BIOS/UEFI modification events

Network Indicators:

• None - this is a local firmware vulnerability

SIEM Query:

Copy

Search for firmware modification events, SMM access logs, or unexpected BIOS/UEFI update attempts in system logs

📊 Metadata

CVE ID: CVE-2021-26317

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Published: May 12, 2022

Last Updated: November 21, 2024

🔗 References

• https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027 Vendor Advisory
• https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027 Vendor Advisory

📤 Share & Export

Twitter LinkedIn Reddit Copy Link

📄 Export Markdown 📋 Export JSON