Login Sign Up

CVE-2021-26362

7.1 HIGH

📋 TL;DR

This AMD processor vulnerability allows malicious or compromised applications to issue malformed system calls that map sensitive System Management Network registers, potentially compromising system integrity and availability. It affects systems with vulnerable AMD processors when running untrusted applications.

💻 Affected Systems

Products:
  • AMD EPYC 7002 Series Processors
  • AMD EPYC 7003 Series Processors
Versions: All versions before microcode patches
Operating Systems: All operating systems running on affected hardware
Default Config Vulnerable: ⚠️ Yes
Notes: Requires attacker to have ability to execute code on the system, typically through compromised applications.

📦 What is this software?

Athlon 3050ge Firmware by Amd

View all CVEs affecting Athlon 3050ge Firmware →

Athlon 3150g Firmware by Amd

View all CVEs affecting Athlon 3150g Firmware →

Athlon 3150ge Firmware by Amd

View all CVEs affecting Athlon 3150ge Firmware →

Radeon Software by Amd

View all CVEs affecting Radeon Software →

Ryzen 3 2200u Firmware by Amd

View all CVEs affecting Ryzen 3 2200u Firmware →

Ryzen 3 2300u Firmware by Amd

View all CVEs affecting Ryzen 3 2300u Firmware →

Ryzen 3 5125c Firmware by Amd

View all CVEs affecting Ryzen 3 5125c Firmware →

Ryzen 3 5400u Firmware by Amd

View all CVEs affecting Ryzen 3 5400u Firmware →

Ryzen 3 5425c Firmware by Amd

View all CVEs affecting Ryzen 3 5425c Firmware →

Ryzen 3 5425u Firmware by Amd

View all CVEs affecting Ryzen 3 5425u Firmware →

Ryzen 5 2500u Firmware by Amd

View all CVEs affecting Ryzen 5 2500u Firmware →

Ryzen 5 2600 Firmware by Amd

View all CVEs affecting Ryzen 5 2600 Firmware →

Ryzen 5 2600h Firmware by Amd

View all CVEs affecting Ryzen 5 2600h Firmware →

Ryzen 5 2600x Firmware by Amd

View all CVEs affecting Ryzen 5 2600x Firmware →

Ryzen 5 5560u Firmware by Amd

View all CVEs affecting Ryzen 5 5560u Firmware →

Ryzen 5 5600h Firmware by Amd

View all CVEs affecting Ryzen 5 5600h Firmware →

Ryzen 5 5600hs Firmware by Amd

View all CVEs affecting Ryzen 5 5600hs Firmware →

Ryzen 5 5600u Firmware by Amd

View all CVEs affecting Ryzen 5 5600u Firmware →

Ryzen 5 5600x Firmware by Amd

View all CVEs affecting Ryzen 5 5600x Firmware →

Ryzen 5 5625c Firmware by Amd

View all CVEs affecting Ryzen 5 5625c Firmware →

Ryzen 5 5625u Firmware by Amd

View all CVEs affecting Ryzen 5 5625u Firmware →

Ryzen 5 5700g Firmware by Amd

View all CVEs affecting Ryzen 5 5700g Firmware →

Ryzen 5 5700ge Firmware by Amd

View all CVEs affecting Ryzen 5 5700ge Firmware →

Ryzen 7 2700 Firmware by Amd

View all CVEs affecting Ryzen 7 2700 Firmware →

Ryzen 7 2700u Firmware by Amd

View all CVEs affecting Ryzen 7 2700u Firmware →

Ryzen 7 2700x Firmware by Amd

View all CVEs affecting Ryzen 7 2700x Firmware →

Ryzen 7 2800h Firmware by Amd

View all CVEs affecting Ryzen 7 2800h Firmware →

Ryzen 7 5800h Firmware by Amd

View all CVEs affecting Ryzen 7 5800h Firmware →

Ryzen 7 5800hs Firmware by Amd

View all CVEs affecting Ryzen 7 5800hs Firmware →

Ryzen 7 5800u Firmware by Amd

View all CVEs affecting Ryzen 7 5800u Firmware →

Ryzen 7 5825c Firmware by Amd

View all CVEs affecting Ryzen 7 5825c Firmware →

Ryzen 7 5825u Firmware by Amd

View all CVEs affecting Ryzen 7 5825u Firmware →

Ryzen 9 5900hs Firmware by Amd

View all CVEs affecting Ryzen 9 5900hs Firmware →

Ryzen 9 5900hx Firmware by Amd

View all CVEs affecting Ryzen 9 5900hx Firmware →

Ryzen 9 5980hs Firmware by Amd

View all CVEs affecting Ryzen 9 5980hs Firmware →

Ryzen 9 5980hx Firmware by Amd

View all CVEs affecting Ryzen 9 5980hx Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise allowing attackers to bypass security controls, access sensitive data, or cause system crashes.

🟠

Likely Case

Privilege escalation or denial of service attacks from compromised applications.

🟢

If Mitigated

Limited impact with proper application sandboxing and security controls in place.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires local code execution and detailed knowledge of AMD processor architecture.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Microcode updates via BIOS/UEFI updates

Vendor Advisory: https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027

Restart Required: Yes

Instructions:

1. Check with your system manufacturer for BIOS/UEFI updates. 2. Apply the firmware update following manufacturer instructions. 3. Reboot the system to activate the microcode patch.

🔧 Temporary Workarounds

Application Sandboxing

all

Restrict application privileges and isolate untrusted applications

Principle of Least Privilege

all

Ensure applications run with minimal necessary permissions

🧯 If You Can't Patch

  • Implement strict application whitelisting and only run trusted applications
  • Isolate vulnerable systems in separate network segments with strict access controls

🔍 How to Verify

Check if Vulnerable:

Check BIOS/UEFI version against manufacturer's patched versions. Use 'dmidecode -t bios' on Linux or system information tools on Windows.

Check Version:

Linux: 'dmidecode -t bios' or 'cat /proc/cpuinfo | grep microcode'. Windows: 'wmic bios get smbiosbiosversion'

Verify Fix Applied:

Verify BIOS/UEFI version matches or exceeds manufacturer's patched version. Check with 'cat /proc/cpuinfo' on Linux for microcode version.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected system crashes
  • Unusual privilege escalation attempts
  • Malformed system call patterns

Network Indicators:

  • Unusual outbound connections from compromised systems

SIEM Query:

EventID=6008 OR EventID=41 (Windows system crashes) combined with suspicious process creation events

📊 Metadata

CVE ID: CVE-2021-26362
CVSS v3 Score: 7.1 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Published: May 12, 2022
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON