Login Sign Up

CVE-2021-46753

9.1 CRITICAL

📋 TL;DR

This vulnerability allows attackers with malicious firmware (Uapp or ABL) to bypass length validation in AMD Secure Processor sensor fusion hub headers, enabling them to map memory regions and overwrite critical data structures. This could lead to loss of confidentiality and integrity of sensitive data. The vulnerability affects systems with AMD processors containing the vulnerable ASP firmware.

💻 Affected Systems

Products:
  • AMD processors with ASP (AMD Secure Processor) firmware
Versions: Specific firmware versions not publicly detailed in advisory
Operating Systems: All operating systems running on affected AMD hardware
Default Config Vulnerable: ⚠️ Yes
Notes: Requires attacker to have ability to load malicious Uapp or ABL firmware, typically requiring local access or compromised firmware update mechanisms.

📦 What is this software?

Athlon Gold 3150g Firmware by Amd

View all CVEs affecting Athlon Gold 3150g Firmware →

Athlon Gold 3150g Firmware by Amd

View all CVEs affecting Athlon Gold 3150g Firmware →

Athlon Gold 3150ge Firmware by Amd

View all CVEs affecting Athlon Gold 3150ge Firmware →

Athlon Gold 3150ge Firmware by Amd

View all CVEs affecting Athlon Gold 3150ge Firmware →

Athlon Silver 3050ge Firmware by Amd

View all CVEs affecting Athlon Silver 3050ge Firmware →

Athlon Silver 3050ge Firmware by Amd

View all CVEs affecting Athlon Silver 3050ge Firmware →

Ryzen 1200 \(af\) Firmware by Amd

View all CVEs affecting Ryzen 1200 \(af\) Firmware →

Ryzen 1200 \(af\) Firmware by Amd

View all CVEs affecting Ryzen 1200 \(af\) Firmware →

Ryzen 1200 \(af\) Firmware by Amd

View all CVEs affecting Ryzen 1200 \(af\) Firmware →

Ryzen 1200 \(af\) Firmware by Amd

View all CVEs affecting Ryzen 1200 \(af\) Firmware →

Ryzen 1600 \(af\) Firmware by Amd

View all CVEs affecting Ryzen 1600 \(af\) Firmware →

Ryzen 1600 \(af\) Firmware by Amd

View all CVEs affecting Ryzen 1600 \(af\) Firmware →

Ryzen 1600 \(af\) Firmware by Amd

View all CVEs affecting Ryzen 1600 \(af\) Firmware →

Ryzen 1600 \(af\) Firmware by Amd

View all CVEs affecting Ryzen 1600 \(af\) Firmware →

Ryzen 2200g Firmware by Amd

View all CVEs affecting Ryzen 2200g Firmware →

Ryzen 2200g Firmware by Amd

View all CVEs affecting Ryzen 2200g Firmware →

Ryzen 2200g Firmware by Amd

View all CVEs affecting Ryzen 2200g Firmware →

Ryzen 2200g Firmware by Amd

View all CVEs affecting Ryzen 2200g Firmware →

Ryzen 2200ge Firmware by Amd

View all CVEs affecting Ryzen 2200ge Firmware →

Ryzen 2200ge Firmware by Amd

View all CVEs affecting Ryzen 2200ge Firmware →

Ryzen 2200ge Firmware by Amd

View all CVEs affecting Ryzen 2200ge Firmware →

Ryzen 2200ge Firmware by Amd

View all CVEs affecting Ryzen 2200ge Firmware →

Ryzen 2300x Firmware by Amd

View all CVEs affecting Ryzen 2300x Firmware →

Ryzen 2300x Firmware by Amd

View all CVEs affecting Ryzen 2300x Firmware →

Ryzen 2300x Firmware by Amd

View all CVEs affecting Ryzen 2300x Firmware →

Ryzen 2300x Firmware by Amd

View all CVEs affecting Ryzen 2300x Firmware →

Ryzen 2400g Firmware by Amd

View all CVEs affecting Ryzen 2400g Firmware →

Ryzen 2400g Firmware by Amd

View all CVEs affecting Ryzen 2400g Firmware →

Ryzen 2400g Firmware by Amd

View all CVEs affecting Ryzen 2400g Firmware →

Ryzen 2400g Firmware by Amd

View all CVEs affecting Ryzen 2400g Firmware →

Ryzen 2400ge Firmware by Amd

View all CVEs affecting Ryzen 2400ge Firmware →

Ryzen 2400ge Firmware by Amd

View all CVEs affecting Ryzen 2400ge Firmware →

Ryzen 2400ge Firmware by Amd

View all CVEs affecting Ryzen 2400ge Firmware →

Ryzen 2400ge Firmware by Amd

View all CVEs affecting Ryzen 2400ge Firmware →

Ryzen 2500x Firmware by Amd

View all CVEs affecting Ryzen 2500x Firmware →

Ryzen 2500x Firmware by Amd

View all CVEs affecting Ryzen 2500x Firmware →

Ryzen 2500x Firmware by Amd

View all CVEs affecting Ryzen 2500x Firmware →

Ryzen 2500x Firmware by Amd

View all CVEs affecting Ryzen 2500x Firmware →

Ryzen 2600 Firmware by Amd

View all CVEs affecting Ryzen 2600 Firmware →

Ryzen 2600 Firmware by Amd

View all CVEs affecting Ryzen 2600 Firmware →

Ryzen 2600 Firmware by Amd

View all CVEs affecting Ryzen 2600 Firmware →

Ryzen 2600 Firmware by Amd

View all CVEs affecting Ryzen 2600 Firmware →

Ryzen 2600e Firmware by Amd

View all CVEs affecting Ryzen 2600e Firmware →

Ryzen 2600e Firmware by Amd

View all CVEs affecting Ryzen 2600e Firmware →

Ryzen 2600e Firmware by Amd

View all CVEs affecting Ryzen 2600e Firmware →

Ryzen 2600e Firmware by Amd

View all CVEs affecting Ryzen 2600e Firmware →

Ryzen 2600x Firmware by Amd

View all CVEs affecting Ryzen 2600x Firmware →

Ryzen 2600x Firmware by Amd

View all CVEs affecting Ryzen 2600x Firmware →

Ryzen 2600x Firmware by Amd

View all CVEs affecting Ryzen 2600x Firmware →

Ryzen 2600x Firmware by Amd

View all CVEs affecting Ryzen 2600x Firmware →

Ryzen 2700 Firmware by Amd

View all CVEs affecting Ryzen 2700 Firmware →

Ryzen 2700 Firmware by Amd

View all CVEs affecting Ryzen 2700 Firmware →

Ryzen 2700 Firmware by Amd

View all CVEs affecting Ryzen 2700 Firmware →

Ryzen 2700 Firmware by Amd

View all CVEs affecting Ryzen 2700 Firmware →

Ryzen 2700e Firmware by Amd

View all CVEs affecting Ryzen 2700e Firmware →

Ryzen 2700e Firmware by Amd

View all CVEs affecting Ryzen 2700e Firmware →

Ryzen 2700e Firmware by Amd

View all CVEs affecting Ryzen 2700e Firmware →

Ryzen 2700e Firmware by Amd

View all CVEs affecting Ryzen 2700e Firmware →

Ryzen 2700x Firmware by Amd

View all CVEs affecting Ryzen 2700x Firmware →

Ryzen 2700x Firmware by Amd

View all CVEs affecting Ryzen 2700x Firmware →

Ryzen 2700x Firmware by Amd

View all CVEs affecting Ryzen 2700x Firmware →

Ryzen 2700x Firmware by Amd

View all CVEs affecting Ryzen 2700x Firmware →

Ryzen 2920x Firmware by Amd

View all CVEs affecting Ryzen 2920x Firmware →

Ryzen 2920x Firmware by Amd

View all CVEs affecting Ryzen 2920x Firmware →

Ryzen 2920x Firmware by Amd

View all CVEs affecting Ryzen 2920x Firmware →

Ryzen 2920x Firmware by Amd

View all CVEs affecting Ryzen 2920x Firmware →

Ryzen 2950x Firmware by Amd

View all CVEs affecting Ryzen 2950x Firmware →

Ryzen 2950x Firmware by Amd

View all CVEs affecting Ryzen 2950x Firmware →

Ryzen 2950x Firmware by Amd

View all CVEs affecting Ryzen 2950x Firmware →

Ryzen 2950x Firmware by Amd

View all CVEs affecting Ryzen 2950x Firmware →

Ryzen 2970wx Firmware by Amd

View all CVEs affecting Ryzen 2970wx Firmware →

Ryzen 2970wx Firmware by Amd

View all CVEs affecting Ryzen 2970wx Firmware →

Ryzen 2970wx Firmware by Amd

View all CVEs affecting Ryzen 2970wx Firmware →

Ryzen 2970wx Firmware by Amd

View all CVEs affecting Ryzen 2970wx Firmware →

Ryzen 2990wx Firmware by Amd

View all CVEs affecting Ryzen 2990wx Firmware →

Ryzen 2990wx Firmware by Amd

View all CVEs affecting Ryzen 2990wx Firmware →

Ryzen 2990wx Firmware by Amd

View all CVEs affecting Ryzen 2990wx Firmware →

Ryzen 2990wx Firmware by Amd

View all CVEs affecting Ryzen 2990wx Firmware →

Ryzen 3100 Firmware by Amd

View all CVEs affecting Ryzen 3100 Firmware →

Ryzen 3100 Firmware by Amd

View all CVEs affecting Ryzen 3100 Firmware →

Ryzen 3100 Firmware by Amd

View all CVEs affecting Ryzen 3100 Firmware →

Ryzen 3100 Firmware by Amd

View all CVEs affecting Ryzen 3100 Firmware →

Ryzen 3100 Firmware by Amd

View all CVEs affecting Ryzen 3100 Firmware →

Ryzen 3300x Firmware by Amd

View all CVEs affecting Ryzen 3300x Firmware →

Ryzen 3300x Firmware by Amd

View all CVEs affecting Ryzen 3300x Firmware →

Ryzen 3300x Firmware by Amd

View all CVEs affecting Ryzen 3300x Firmware →

Ryzen 3300x Firmware by Amd

View all CVEs affecting Ryzen 3300x Firmware →

Ryzen 3300x Firmware by Amd

View all CVEs affecting Ryzen 3300x Firmware →

Ryzen 3500 Firmware by Amd

View all CVEs affecting Ryzen 3500 Firmware →

Ryzen 3500 Firmware by Amd

View all CVEs affecting Ryzen 3500 Firmware →

Ryzen 3500 Firmware by Amd

View all CVEs affecting Ryzen 3500 Firmware →

Ryzen 3500 Firmware by Amd

View all CVEs affecting Ryzen 3500 Firmware →

Ryzen 3500 Firmware by Amd

View all CVEs affecting Ryzen 3500 Firmware →

Ryzen 3500x Firmware by Amd

View all CVEs affecting Ryzen 3500x Firmware →

Ryzen 3500x Firmware by Amd

View all CVEs affecting Ryzen 3500x Firmware →

Ryzen 3500x Firmware by Amd

View all CVEs affecting Ryzen 3500x Firmware →

Ryzen 3500x Firmware by Amd

View all CVEs affecting Ryzen 3500x Firmware →

Ryzen 3500x Firmware by Amd

View all CVEs affecting Ryzen 3500x Firmware →

Ryzen 3600 Firmware by Amd

View all CVEs affecting Ryzen 3600 Firmware →

Ryzen 3600 Firmware by Amd

View all CVEs affecting Ryzen 3600 Firmware →

Ryzen 3600 Firmware by Amd

View all CVEs affecting Ryzen 3600 Firmware →

Ryzen 3600 Firmware by Amd

View all CVEs affecting Ryzen 3600 Firmware →

Ryzen 3600 Firmware by Amd

View all CVEs affecting Ryzen 3600 Firmware →

Ryzen 3600x Firmware by Amd

View all CVEs affecting Ryzen 3600x Firmware →

Ryzen 3600x Firmware by Amd

View all CVEs affecting Ryzen 3600x Firmware →

Ryzen 3600x Firmware by Amd

View all CVEs affecting Ryzen 3600x Firmware →

Ryzen 3600x Firmware by Amd

View all CVEs affecting Ryzen 3600x Firmware →

Ryzen 3600x Firmware by Amd

View all CVEs affecting Ryzen 3600x Firmware →

Ryzen 3600xt Firmware by Amd

View all CVEs affecting Ryzen 3600xt Firmware →

Ryzen 3600xt Firmware by Amd

View all CVEs affecting Ryzen 3600xt Firmware →

Ryzen 3600xt Firmware by Amd

View all CVEs affecting Ryzen 3600xt Firmware →

Ryzen 3600xt Firmware by Amd

View all CVEs affecting Ryzen 3600xt Firmware →

Ryzen 3600xt Firmware by Amd

View all CVEs affecting Ryzen 3600xt Firmware →

Ryzen 3800x Firmware by Amd

View all CVEs affecting Ryzen 3800x Firmware →

Ryzen 3800x Firmware by Amd

View all CVEs affecting Ryzen 3800x Firmware →

Ryzen 3800x Firmware by Amd

View all CVEs affecting Ryzen 3800x Firmware →

Ryzen 3800x Firmware by Amd

View all CVEs affecting Ryzen 3800x Firmware →

Ryzen 3800x Firmware by Amd

View all CVEs affecting Ryzen 3800x Firmware →

Ryzen 3800xt Firmware by Amd

View all CVEs affecting Ryzen 3800xt Firmware →

Ryzen 3800xt Firmware by Amd

View all CVEs affecting Ryzen 3800xt Firmware →

Ryzen 3800xt Firmware by Amd

View all CVEs affecting Ryzen 3800xt Firmware →

Ryzen 3800xt Firmware by Amd

View all CVEs affecting Ryzen 3800xt Firmware →

Ryzen 3800xt Firmware by Amd

View all CVEs affecting Ryzen 3800xt Firmware →

Ryzen 3900 Firmware by Amd

View all CVEs affecting Ryzen 3900 Firmware →

Ryzen 3900 Firmware by Amd

View all CVEs affecting Ryzen 3900 Firmware →

Ryzen 3900 Firmware by Amd

View all CVEs affecting Ryzen 3900 Firmware →

Ryzen 3900 Firmware by Amd

View all CVEs affecting Ryzen 3900 Firmware →

Ryzen 3900 Firmware by Amd

View all CVEs affecting Ryzen 3900 Firmware →

Ryzen 3900x Firmware by Amd

View all CVEs affecting Ryzen 3900x Firmware →

Ryzen 3900x Firmware by Amd

View all CVEs affecting Ryzen 3900x Firmware →

Ryzen 3900x Firmware by Amd

View all CVEs affecting Ryzen 3900x Firmware →

Ryzen 3900x Firmware by Amd

View all CVEs affecting Ryzen 3900x Firmware →

Ryzen 3900x Firmware by Amd

View all CVEs affecting Ryzen 3900x Firmware →

Ryzen 3900xt Firmware by Amd

View all CVEs affecting Ryzen 3900xt Firmware →

Ryzen 3900xt Firmware by Amd

View all CVEs affecting Ryzen 3900xt Firmware →

Ryzen 3900xt Firmware by Amd

View all CVEs affecting Ryzen 3900xt Firmware →

Ryzen 3900xt Firmware by Amd

View all CVEs affecting Ryzen 3900xt Firmware →

Ryzen 3900xt Firmware by Amd

View all CVEs affecting Ryzen 3900xt Firmware →

Ryzen 3950x Firmware by Amd

View all CVEs affecting Ryzen 3950x Firmware →

Ryzen 3950x Firmware by Amd

View all CVEs affecting Ryzen 3950x Firmware →

Ryzen 3950x Firmware by Amd

View all CVEs affecting Ryzen 3950x Firmware →

Ryzen 3950x Firmware by Amd

View all CVEs affecting Ryzen 3950x Firmware →

Ryzen 3950x Firmware by Amd

View all CVEs affecting Ryzen 3950x Firmware →

Ryzen 5300g Firmware by Amd

View all CVEs affecting Ryzen 5300g Firmware →

Ryzen 5300ge Firmware by Amd

View all CVEs affecting Ryzen 5300ge Firmware →

Ryzen 5500 Firmware by Amd

View all CVEs affecting Ryzen 5500 Firmware →

Ryzen 5600 Firmware by Amd

View all CVEs affecting Ryzen 5600 Firmware →

Ryzen 5600g Firmware by Amd

View all CVEs affecting Ryzen 5600g Firmware →

Ryzen 5600ge Firmware by Amd

View all CVEs affecting Ryzen 5600ge Firmware →

Ryzen 5600x Firmware by Amd

View all CVEs affecting Ryzen 5600x Firmware →

Ryzen 5700g Firmware by Amd

View all CVEs affecting Ryzen 5700g Firmware →

Ryzen 5700ge Firmware by Amd

View all CVEs affecting Ryzen 5700ge Firmware →

Ryzen 5700x Firmware by Amd

View all CVEs affecting Ryzen 5700x Firmware →

Ryzen 5800 Firmware by Amd

View all CVEs affecting Ryzen 5800 Firmware →

Ryzen 5800x Firmware by Amd

View all CVEs affecting Ryzen 5800x Firmware →

Ryzen 5800x3d Firmware by Amd

View all CVEs affecting Ryzen 5800x3d Firmware →

Ryzen 5900 Firmware by Amd

View all CVEs affecting Ryzen 5900 Firmware →

Ryzen 5900x Firmware by Amd

View all CVEs affecting Ryzen 5900x Firmware →

Ryzen 5945wx Firmware by Amd

View all CVEs affecting Ryzen 5945wx Firmware →

Ryzen 5950x Firmware by Amd

View all CVEs affecting Ryzen 5950x Firmware →

Ryzen 5955wx Firmware by Amd

View all CVEs affecting Ryzen 5955wx Firmware →

Ryzen 5965wx Firmware by Amd

View all CVEs affecting Ryzen 5965wx Firmware →

Ryzen 5975wx Firmware by Amd

View all CVEs affecting Ryzen 5975wx Firmware →

Ryzen 5995wx Firmware by Amd

View all CVEs affecting Ryzen 5995wx Firmware →

Ryzen 6600h Firmware by Amd

View all CVEs affecting Ryzen 6600h Firmware →

Ryzen 6600hs Firmware by Amd

View all CVEs affecting Ryzen 6600hs Firmware →

Ryzen 6600u Firmware by Amd

View all CVEs affecting Ryzen 6600u Firmware →

Ryzen 6800h Firmware by Amd

View all CVEs affecting Ryzen 6800h Firmware →

Ryzen 6800hs Firmware by Amd

View all CVEs affecting Ryzen 6800hs Firmware →

Ryzen 6800u Firmware by Amd

View all CVEs affecting Ryzen 6800u Firmware →

Ryzen 6900hs Firmware by Amd

View all CVEs affecting Ryzen 6900hs Firmware →

Ryzen 6900hx Firmware by Amd

View all CVEs affecting Ryzen 6900hx Firmware →

Ryzen 6980hs Firmware by Amd

View all CVEs affecting Ryzen 6980hs Firmware →

Ryzen 6980hx Firmware by Amd

View all CVEs affecting Ryzen 6980hx Firmware →

Ryzen Pro 2100ge Firmware by Amd

View all CVEs affecting Ryzen Pro 2100ge Firmware →

Ryzen Pro 2100ge Firmware by Amd

View all CVEs affecting Ryzen Pro 2100ge Firmware →

Ryzen Pro 2100ge Firmware by Amd

View all CVEs affecting Ryzen Pro 2100ge Firmware →

Ryzen Pro 2100ge Firmware by Amd

View all CVEs affecting Ryzen Pro 2100ge Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of AMD Secure Processor, allowing attackers to exfiltrate sensitive data, manipulate system behavior, or establish persistent firmware-level backdoors.

🟠

Likely Case

Local privilege escalation or data exfiltration from the secure processor environment, potentially compromising security features and sensitive information.

🟢

If Mitigated

Limited impact if proper firmware validation and secure boot are enforced, though some risk remains from malicious firmware.

🌐 Internet-Facing: LOW
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires ability to load malicious firmware components, which typically requires elevated privileges or compromised firmware update processes.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to AMD advisory for specific firmware versions

Vendor Advisory: https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001

Restart Required: Yes

Instructions:

1. Check AMD advisory for affected products. 2. Obtain updated firmware from system/motherboard manufacturer. 3. Follow manufacturer's firmware update procedures. 4. Verify successful update through system BIOS/UEFI interface.

🔧 Temporary Workarounds

Restrict firmware update capabilities

all

Limit who can perform firmware updates and ensure updates come from trusted sources only

Enable secure boot

all

Ensure secure boot is enabled to prevent unauthorized firmware execution

🧯 If You Can't Patch

  • Isolate affected systems from untrusted networks and users
  • Implement strict access controls and monitoring for firmware update activities

🔍 How to Verify

Check if Vulnerable:

Check system/motherboard manufacturer website for security advisories regarding AMD SB-4001

Check Version:

System-specific commands vary by manufacturer (e.g., dmidecode on Linux, wmic bios on Windows)

Verify Fix Applied:

Verify firmware version in BIOS/UEFI settings matches patched version from manufacturer

📡 Detection & Monitoring

Log Indicators:

  • Unexpected firmware update attempts
  • Secure processor error logs
  • Failed secure boot events

Network Indicators:

  • Unusual firmware update network traffic
  • Unauthorized firmware source connections

SIEM Query:

Search for firmware update events from unauthorized sources or unexpected firmware version changes

📊 Metadata

CVE ID: CVE-2021-46753
CVSS v3 Score: 9.1 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Published: May 9, 2023
Last Updated: January 28, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON