CVE-2021-26322

Q: What is the severity of CVE-2021-26322?

CVE-2021-26322 has a CVSS score of 7.5 (HIGH). This vulnerability in AMD platform security processors (PSP) allows potential recovery of encrypted private keys due to insufficient initialization vector (IV) randomness. Attackers could decrypt platform keys, compromising secure boot and firmware integrity. Affects systems with AMD EPYC, Ryzen, and Athlon processors.

7.5 HIGH

📋 TL;DR

This vulnerability in AMD platform security processors (PSP) allows potential recovery of encrypted private keys due to insufficient initialization vector (IV) randomness. Attackers could decrypt platform keys, compromising secure boot and firmware integrity. Affects systems with AMD EPYC, Ryzen, and Athlon processors.

💻 Affected Systems

Products:

AMD EPYC processors
AMD Ryzen processors
AMD Athlon processors

Versions: Multiple generations prior to firmware updates

Operating Systems: All operating systems running on affected hardware

Default Config Vulnerable: ⚠️ Yes

Notes: Requires physical access or administrative privileges to exploit. Affects systems with AMD Secure Processor firmware.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of platform security keys enabling persistent firmware-level backdoors, secure boot bypass, and extraction of sensitive cryptographic material.

🟠

Likely Case

Extraction of platform keys allowing firmware modification, secure boot circumvention, and potential credential theft from encrypted storage.

🟢

If Mitigated

Limited impact with proper firmware updates and secure boot enforcement, though residual risk remains for unpatched systems.

🌐 Internet-Facing: LOW

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: HIGH

Exploitation requires administrative access or physical access to the system. No public exploits available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: AMD AGESA firmware updates (specific versions vary by platform)

Vendor Advisory: https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021

Restart Required: Yes

Instructions:

1. Check system manufacturer for BIOS/UEFI updates. 2. Download appropriate firmware update. 3. Apply update following manufacturer instructions. 4. Reboot system to complete installation.

🔧 Temporary Workarounds

Enable Secure Boot

all

Enforce secure boot to prevent unauthorized firmware modifications

Physical Security Controls

all

Restrict physical access to affected systems

🧯 If You Can't Patch

Isolate affected systems from high-risk networks
Implement strict access controls and monitoring for physical access

🔍 How to Verify

Check if Vulnerable:

Check system BIOS/UEFI version against manufacturer's patched versions. Use 'dmidecode' on Linux or system information tools on Windows.

Check Version:

Linux: 'sudo dmidecode -t bios' or 'cat /sys/class/dmi/id/bios_version'. Windows: 'wmic bios get smbiosbiosversion'

Verify Fix Applied:

Verify BIOS/UEFI version matches or exceeds patched version from manufacturer advisory.

📡 Detection & Monitoring

Log Indicators:

BIOS/UEFI firmware modification events
Secure boot violations
Unexpected firmware update attempts

Network Indicators:

Unusual outbound connections from management interfaces

SIEM Query:

EventID=12 OR EventID=13 (Windows System logs for firmware changes) OR kernel: 'Secure boot violation' (Linux audit logs)

📊 Metadata

CVE ID: CVE-2021-26322

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-320

Published: November 16, 2021

Last Updated: November 21, 2024

🔗 References

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021 Vendor Advisory
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021 Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Epyc 7232p Firmware by Amd

Epyc 7251 Firmware by Amd

Epyc 7252 Firmware by Amd

Epyc 7261 Firmware by Amd

Epyc 7262 Firmware by Amd

Epyc 7272 Firmware by Amd

Epyc 7281 Firmware by Amd

Epyc 7282 Firmware by Amd

Epyc 72f3 Firmware by Amd

Epyc 7301 Firmware by Amd

Epyc 7302 Firmware by Amd

Epyc 7302p Firmware by Amd

Epyc 7313 Firmware by Amd

Epyc 7313p Firmware by Amd

Epyc 7343 Firmware by Amd

Epyc 7351 Firmware by Amd

Epyc 7351p Firmware by Amd

Epyc 7352 Firmware by Amd

Epyc 7371 Firmware by Amd

Epyc 73f3 Firmware by Amd

Epyc 7401 Firmware by Amd

Epyc 7402 Firmware by Amd

Epyc 7402p Firmware by Amd

Epyc 7413 Firmware by Amd

Epyc 7443 Firmware by Amd

Epyc 7443p Firmware by Amd

Epyc 7451 Firmware by Amd

Epyc 7452 Firmware by Amd

Epyc 7453 Firmware by Amd

Epyc 74f3 Firmware by Amd

Epyc 7501 Firmware by Amd

Epyc 7502 Firmware by Amd

Epyc 7502p Firmware by Amd

Epyc 7513 Firmware by Amd

Epyc 7532 Firmware by Amd

Epyc 7542 Firmware by Amd

Epyc 7543 Firmware by Amd

Epyc 7543p Firmware by Amd

Epyc 7551 Firmware by Amd

Epyc 7551p Firmware by Amd

Epyc 7552 Firmware by Amd

Epyc 75f3 Firmware by Amd

Epyc 7601 Firmware by Amd

Epyc 7642 Firmware by Amd

Epyc 7643 Firmware by Amd

Epyc 7662 Firmware by Amd

Epyc 7663 Firmware by Amd

Epyc 7702 Firmware by Amd

Epyc 7702p Firmware by Amd

Epyc 7713 Firmware by Amd

Epyc 7713p Firmware by Amd

Epyc 7742 Firmware by Amd

Epyc 7763 Firmware by Amd

Epyc 7f32 Firmware by Amd

Epyc 7f52 Firmware by Amd

Epyc 7f72 Firmware by Amd

Epyc 7h12 Firmware by Amd