Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-36345

AI Predicted 4.9 Difficulty: Theoretical EPSS 0.01% · P2

Possible ATT&CK Techniques 1AI

T1564.001 · Hidden Files and Directories

Affected Version Matrix 24

VendorProductVersion RangeStatus
AMDAMD EPYC™ 4004ComboAM5PI 1.1.0.3dunaffected
AMDAMD EPYC™ 4005ComboAM5 1.2.0.3junaffected
AMDAMD Ryzen™ 6000 Series Processors with Radeon™ GraphicsRembrandtPI-FP7_1.0.0.Bgunaffected
AMDAMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5PI 1.0.0.eunaffected
ComboAM5PI 1.1.0.3gunaffected
ComboAM5PI 1.2.0.3junaffected
AMDAMD Ryzen™ 7040 Series Mobile Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7_1.2.0.0funaffected
AMDAMD Ryzen™ 7045 Series Mobile Processors with Radeon™ GraphicsDragonRangeFL1_1.0.0.3lunaffected
AMDAMD Ryzen™ 8000 Series Desktop ProcessorsComboAM5PI 1.1.0.3gunaffected
ComboAM5PI 1.2.0.3junaffected
AMDAMD Ryzen™ 8040 Series Mobile Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7_1.2.0.0funaffected
AMDAMD Ryzen™ 9000 Series Desktop ProcessorsComboAM5PI 1.2.0.3junaffected
ComboAM5PI 1.2.0.3junaffected
AMDAMD Ryzen™ 9000HX Series Mobile ProcessorsFireRangeFL1PI 1.0.0.0funaffected
AMDAMD Ryzen™ AI 300 Series ProcessorsStrixKrackanPI-FP8_1.1.0.0funaffected
StrixKrackanPI-FP8_1.1.0.2eunaffected
AMDAMD Ryzen™ AI MAXStrixHaloPI-FP11_1.0.0.2bunaffected
AMDAMD Ryzen™ Embedded 7000 Series ProcessorsEmbeddedAM5PI 1.0.0.7unaffected
AMDAMD Ryzen™ Embedded 8000 Series ProcessorsEmbeddedPhoenixPI-FP7r2_1.0.0.4unaffected
AMDAMD Ryzen™ Embedded 9000 Series ProcessorsEmbeddedAM5PI 1.0.0.7unaffected
AMDAMD Ryzen™ Embedded V3000 Series ProcessorsEmbedded-PI_FP7r2 1012unaffected
AMDAMD Ryzen™ Threadripper™ 7000 ProcessorsStormPeakPI-SP6 1.1.0.0kunaffected
AMDAMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsStormPeakPI-SP6 1.0.0.1munaffected
StormPeakPI-SP6 1.1.0.0kunaffected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-36345

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Improper input validation in the AMD OverDrive (AOD) System Management Mode (SMM) module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
CWE-1274
Source: NVD (National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
AMDAMD EPYC™ 4004 ComboAM5PI 1.1.0.3d -
AMDAMD EPYC™ 4005 ComboAM5 1.2.0.3j -
AMDAMD Ryzen™ 6000 Series Processors with Radeon™ Graphics RembrandtPI-FP7_1.0.0.Bg -
AMDAMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics PhoenixPI-FP8-FP7_1.2.0.0f -
AMDAMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics DragonRangeFL1_1.0.0.3l -
AMDAMD Ryzen™ 7000 Series Desktop Processors ComboAM5PI 1.0.0.e -
AMDAMD Ryzen™ 9000HX Series Mobile Processors FireRangeFL1PI 1.0.0.0f -
AMDAMD Ryzen™ AI MAX StrixHaloPI-FP11_1.0.0.2b -
AMDAMD Ryzen™ AI 300 Series Processors StrixKrackanPI-FP8_1.1.0.0f -
AMDAMD Ryzen™ Threadripper™ 7000 Processors StormPeakPI-SP6 1.1.0.0k -
AMDAMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors StormPeakPI-SP6 1.0.0.1m -
AMDAMD Ryzen™ 8000 Series Desktop Processors ComboAM5PI 1.1.0.3g -
AMDAMD Ryzen™ 9000 Series Desktop Processors ComboAM5PI 1.2.0.3j -
AMDAMD Ryzen™ 9000 Series Desktop Processors ComboAM5PI 1.2.0.3j -
AMDAMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics PhoenixPI-FP8-FP7_1.2.0.0f -
AMDAMD Ryzen™ Embedded 8000 Series Processors EmbeddedPhoenixPI-FP7r2_1.0.0.4 -
AMDAMD Ryzen™ Embedded V3000 Series Processors Embedded-PI_FP7r2 1012 -
AMDAMD Ryzen™ Embedded 7000 Series Processors EmbeddedAM5PI 1.0.0.7 -
AMDAMD Ryzen™ Embedded 9000 Series Processors EmbeddedAM5PI 1.0.0.7 -

II. Public POCs for CVE-2024-36345

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2024-36345

登录查看更多情报信息。

Same Patch Batch · AMD · 2026-05-15 · 39 CVEs total

CVE-2025-48513AMD PMF未初始化资源漏洞
CVE-2021-26380Trusted OS驱动内存越界致完整性丢失
CVE-2025-0040NXP JTAG-AXI访问控制漏洞
CVE-2024-21962AMD RAID驱动输入验证缺陷致提权与代码执行
CVE-2025-29935AMD PMF越界写入漏洞(影响代码执行)
CVE-2025-29944AMD Sensor Fusion Hub 驱动缓冲区溢出致系统崩溃
CVE-2025-29938AMD PMF 版本未指定:未检查返回值致任意代码执行
CVE-2025-29937AMD PMF越界读取漏洞
CVE-2025-0028AMD PMF框架越界读写漏洞
CVE-2025-29936AMD平台管理框架输入验证缺陷导致权限提升
CVE-2022-23826Graphics TOCTOU漏洞可致完整性破坏
CVE-2025-52540AMD PMF驱动越界写入致提权
CVE-2025-48520AMD平台管理框架驱动越界读取漏洞
CVE-2025-48519AMD PMF驱动越界读写致提权漏洞
CVE-2025-0045AMD Secure Processor驱动输入验证漏洞致拒绝服务
CVE-2026-0432AMD芯片组驱动权限错误致提权
CVE-2025-48521ASP PCI驱动Use-After-Free漏洞致平台完整性丧失
CVE-2025-48512AMD GPIO控制器权限配置错误致提权
CVE-2026-0438SMM handler执行非SMM内存代码导致远程代码执行漏洞
CVE-2023-31309Power Management Firmware多版本信息泄露与可用性受损漏洞

Showing top 20 of 39 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same vendor: AMD
Same weakness: CWE-1274

V. Comments for CVE-2024-36345

No comments yet

Leave a comment