Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-36354
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to bypass SMM isolation potentially resulting in arbitrary code execution at the SMM level.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
CWE-1231
Source: NVD (National Vulnerability Database)
Vulnerability Title
AMD多款产品 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
AMD Embedded Processors等都是美国超威半导体(AMD)公司的产品。AMD Embedded Processors是一系列嵌入式高性能 GPU。AMD Client Processor是面向客户端设备(如个人电脑、笔记本电脑等)的处理器。AMD Server Processor是面向服务器市场的处理器产品,主要用于数据中心、云计算、高性能计算等领域。 AMD多款产品存在安全漏洞,该漏洞源于对DIMM串行存在检测元数据输入验证不当,可能导致攻击者绕过SMM隔离,在SMM级别执行任意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
AMDAMD Ryzen™ Threadripper™ 3000 Processors CastlePeakPI-SP3r3 1.0.0.D -
AMDAMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors ChagallWSPI-sWRX8-1.0.0.A -
AMDAMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics CezannePI-FP6_1.0.1.1a -
AMDAMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors CastlePeakWSPI-sWRX8 1.0.0.F -
AMDAMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors ChagallWSPI-sWRX8-1.0.0.A -
AMDAMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics PicassoPI-FP5_1.0.1.2a -
AMDAMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics PhoenixPI-FP8-FP7_1.1.8.0 -
AMDAMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics PicassoPI-FP5_1.0.1.2a -
AMDAMD Ryzen™ 8000 Series Desktop Processors ComboAM5PI_1.2.0.2a -
AMDAMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics PhoenixPI-FP8-FP7_1.1.8.0 -
AMDAMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics RenoirPI-FP6 1.0.0.Ea -
AMDAMD Ryzen™ 6000 Series Processors with Radeon™ Graphics RembrandtPI-FP7_1.0.0.Ba -
AMDAMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics DragonRangeFL1_1.0.0.3f -
AMDAMD Ryzen™ 7035 Series Processors with Radeon™ Graphics RembrandtPI-FP7_1.0.0.Ba -
AMDAMD Ryzen™ 7000 Series Desktop Processors ComboAM5PI_1.2.0.2a -
AMDAMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics CezannePI-FP6_1.0.1.1a -
AMDAMD Ryzen™ 9000 Series Desktop Processors ComboAM5PI_1.2.0.2a -
AMDAMD Ryzen™ 3000 Series Desktop Processors ComboAM4PI_1.0.0.C -
AMDAMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics ComboAM4PI_1.0.0.C -
AMDAMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics ComboAM4v2PI_1.2.0.D -
AMDAMD Ryzen™ 4000 Series Desktop Processors ComboAM4v2PI_1.2.0.D -
AMDAMD Ryzen™ 5000 Series Desktop Processors ComboAM4v2PI_1.2.0.D -
AMDAMD EPYC™ Embedded 3000 Series Processors SnowyOwl PI 1.1.0.F -
AMDAMD EPYC™ Embedded 7002 Series Processors EmbRomePI-SP3_1.0.0.E -
AMDAMD EPYC™ Embedded 7003 Series Processors EmbMilanPI-SP3 1.0.0.A -
AMDAMD EPYC™ Embedded 9004 Series Processors EmbGenoaPI-SP5 1.0.0.8 -
AMDAMD Ryzen™ Embedded 5000 Series Processors EmbAM4PI 1.0.0.7 -
AMDAMD Ryzen™ Embedded V2000 Series Processors EmbeddedPI-FP6_1.0.0.B -
AMDAMD Ryzen™ Embedded V3000 Series Processors Embedded-PI_FP7r2 100A -
AMDAMD EPYC™ Embedded 97X4 Series Processors EmbGenoaPI-SP5 1.0.0.8 -
AMDAMD Ryzen™ Embedded 7000 Series Processors EmbeddedAM5PI 1.0.0.3 -
AMDAMD EPYC™ 9004 Series Processors GenoaPI 1.0.0.D -
AMDAMD EPYC™ 7003 Series Processors MilanPI 1.0.0.D -
AMDAMD EPYC™ 7002 Series Processors Rome PI 1.0.0.M -
AMDAMD EPYC™ 7001 Series Processors Naples 1.0.0.Q -
AMDAMD EPYC™ 9004 Series Processors GenoaPI 1.0.0.D -
AMDAMD EPYC™ 4004 Series Processors ComboAM5PI_1.2.0.2a -
AMDAMD EPYC™ 8004 Series Processors GenoaPI 1.0.0.D -
II. Public POCs for CVE-2024-36354
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2024-36354
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same product: AMD Ryzen™ Threadripper™ 3000 Processors
Same vendor: AMD
Same weakness: CWE-1231
V. Comments for CVE-2024-36354

No comments yet

Leave a comment