Vulnerability-Lookup

CVE-2025-29950 (GCVE-0-2025-29950)

Vulnerability from cvelistv5 – Published: 2026-02-10 19:10 – Updated: 2026-02-26 14:44

Summary

Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution.

Severity

7.1 (High)


                        
                          CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-1274 - Improper Access Control for Volatile Memory Containing Boot Code

Assigner

AMD

References

2 references

URL	Tags
https://www.amd.com/en/resources/product-security…
https://www.amd.com/en/resources/product-security…

Impacted products

20 products

Vendor	Product	Version
AMD	AMD EPYC™ 9004 Series Processors	Unaffected: GenoaPI 1.0.0.G
AMD	AMD EPYC™ 7003 Series Processors	Unaffected: MilanPI 1.0.0.H
AMD	AMD EPYC™ 7002 Series Processors	Unaffected: RomePI 1.0.0.N
AMD	AMD EPYC™ 7001 Series Processors	Unaffected: NaplesPI 1.0.0.R
AMD	AMD EPYC™ 9005 Series Processors	Unaffected: TurinPI 1.0.0.6
AMD	AMD Instinct™ MI300A	Unaffected: MI300A 1.0.0.B
AMD	AMD EPYC™ 9V64H Processor	Unaffected: MI300C 1.0.0.2
AMD	AMD Ryzen™ Threadripper™ PRO 3000WX Processors	Unaffected: ChagallWSPI-sWRX8 1.0.0.C Unaffected: CastlePeakWSPI-sWRX8 1.0.0.I
AMD	AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors	Unaffected: ChagallWSPI-sWRX8 1.0.0.C
AMD	AMD Ryzen™ Threadripper™ 7000 Processors	Unaffected: StormPeakPI-SP6_1.0.0.1l Unaffected: ShimadaPeakPI-SP6_1.0.0.1
AMD	AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors	Unaffected: StormPeakPI-SP6_1.1.0.0j Unaffected: ShimadaPeakPI-SP6_1.0.0.1
AMD	AMD Ryzen™ Threadripper™ 9000 Processors	Unaffected: ShimadaPeakPI-SP6_1.0.0.1
AMD	AMD Ryzen™ Threadripper™ PRO 9000 WX-Series Processors	Unaffected: ShimadaPeakPI-SP6_1.0.0.1
AMD	AMD EPYC™ Embedded 7003 Series Processors	Unaffected: EmbMilanPI-SP3 v9 1.0.0.C
AMD	AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa")	Unaffected: EmbGenoaPI-SP5 1.0.0.B
AMD	AMD EPYC™ Embedded 7002 Series Processors	Unaffected: EmbRomePI-SP3 1.0.0.F
AMD	AMD EPYC™ Embedded 3000 Series Processors	Unaffected: SnowyOwl_SP4_SP4r2.1.1.0.H
AMD	AMD EPYC™ Embedded 9005 Series Processors	Unaffected: EmbTurinPI-SP5_1.0.0.1
AMD	AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Bergamo")	Unaffected: EmbGenoaPI-SP5 1.0.0.B
AMD	AMD EPYC™ Embedded 8004 Series Processors	Unaffected: EmbGenoaPI-SP5 1.0.0.B

Date Public

2026-02-10 19:44

Credits

Reported through AMD Bug Bounty Program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-29950",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-11T04:56:51.935528Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T14:44:29.765Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "GenoaPI 1.0.0.G"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 7003 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MilanPI 1.0.0.H"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 7002 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RomePI 1.0.0.N"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 7001 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "NaplesPI 1.0.0.R"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9005 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "TurinPI 1.0.0.6"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI300A",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MI300A 1.0.0.B"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9V64H Processor",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MI300C 1.0.0.2"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8 1.0.0.C"
            },
            {
              "status": "unaffected",
              "version": "CastlePeakWSPI-sWRX8 1.0.0.I"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8 1.0.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "StormPeakPI-SP6_1.0.0.1l"
            },
            {
              "status": "unaffected",
              "version": "ShimadaPeakPI-SP6_1.0.0.1"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "StormPeakPI-SP6_1.1.0.0j"
            },
            {
              "status": "unaffected",
              "version": "ShimadaPeakPI-SP6_1.0.0.1"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 9000 Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ShimadaPeakPI-SP6_1.0.0.1"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 9000 WX-Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ShimadaPeakPI-SP6_1.0.0.1"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbMilanPI-SP3 v9 1.0.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Genoa\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbGenoaPI-SP5 1.0.0.B"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 7002 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbRomePI-SP3 1.0.0.F"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 3000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "SnowyOwl_SP4_SP4r2.1.1.0.H"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbTurinPI-SP5_1.0.0.1"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbGenoaPI-SP5 1.0.0.B"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbGenoaPI-SP5 1.0.0.B"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reported through AMD Bug Bounty Program"
        }
      ],
      "datePublic": "2026-02-10T19:44:00.496Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution.\u003cbr\u003e"
            }
          ],
          "value": "Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "privilegesRequired": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1274",
              "description": "CWE-1274  Improper Access Control for Volatile Memory Containing Boot Code",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-10T19:51:27.430Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-29950",
    "datePublished": "2026-02-10T19:10:28.112Z",
    "dateReserved": "2025-03-12T15:15:04.911Z",
    "dateUpdated": "2026-02-26T14:44:29.765Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-29950",
      "date": "2026-06-17",
      "epss": "0.00145",
      "percentile": "0.04138"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-29950\",\"sourceIdentifier\":\"psirt@amd.com\",\"published\":\"2026-02-10T20:16:44.493\",\"lastModified\":\"2026-02-10T21:51:48.077\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"psirt@amd.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"psirt@amd.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1274\"}]}],\"references\":[{\"url\":\"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html\",\"source\":\"psirt@amd.com\"},{\"url\":\"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html\",\"source\":\"psirt@amd.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-29950\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-02-11T04:56:51.935528Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-02-10T21:01:43.154Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"value\": \"Reported through AMD Bug Bounty Program\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 7.1, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"AMD\", \"product\": \"AMD EPYC\\u2122 9004 Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"GenoaPI 1.0.0.G\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD EPYC\\u2122 7003 Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"MilanPI 1.0.0.H\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD EPYC\\u2122 7002 Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"RomePI 1.0.0.N\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD EPYC\\u2122 7001 Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"NaplesPI 1.0.0.R\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD EPYC\\u2122 9005 Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"TurinPI 1.0.0.6\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Instinct\\u2122 MI300A\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"MI300A 1.0.0.B\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD EPYC\\u2122 9V64H Processor\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"MI300C 1.0.0.2\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 Threadripper\\u2122 PRO 3000WX Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"ChagallWSPI-sWRX8 1.0.0.C\"}, {\"status\": \"unaffected\", \"version\": \"CastlePeakWSPI-sWRX8 1.0.0.I\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 Threadripper\\u2122 PRO 5000 WX-Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"ChagallWSPI-sWRX8 1.0.0.C\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 Threadripper\\u2122 7000 Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"StormPeakPI-SP6_1.0.0.1l\"}, {\"status\": \"unaffected\", \"version\": \"ShimadaPeakPI-SP6_1.0.0.1\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 Threadripper\\u2122 PRO 7000 WX-Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"StormPeakPI-SP6_1.1.0.0j\"}, {\"status\": \"unaffected\", \"version\": \"ShimadaPeakPI-SP6_1.0.0.1\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 Threadripper\\u2122 9000 Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"ShimadaPeakPI-SP6_1.0.0.1\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD Ryzen\\u2122 Threadripper\\u2122 PRO 9000 WX-Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"ShimadaPeakPI-SP6_1.0.0.1\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD EPYC\\u2122 Embedded 7003 Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"EmbMilanPI-SP3 v9 1.0.0.C\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD EPYC\\u2122 Embedded 9004 Series Processors (formerly codenamed \\\"Genoa\\\")\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"EmbGenoaPI-SP5 1.0.0.B\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD EPYC\\u2122 Embedded 7002 Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"EmbRomePI-SP3 1.0.0.F\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD EPYC\\u2122 Embedded 3000 Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"SnowyOwl_SP4_SP4r2.1.1.0.H\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD EPYC\\u2122 Embedded 9005 Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"EmbTurinPI-SP5_1.0.0.1\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD EPYC\\u2122 Embedded 9004 Series Processors (formerly codenamed \\\"Bergamo\\\")\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"EmbGenoaPI-SP5 1.0.0.B\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD EPYC\\u2122 Embedded 8004 Series Processors\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"EmbGenoaPI-SP5 1.0.0.B\"}], \"defaultStatus\": \"affected\"}], \"datePublic\": \"2026-02-10T19:44:00.496Z\", \"references\": [{\"url\": \"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html\"}, {\"url\": \"https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html\"}], \"x_generator\": {\"engine\": \"AMD PSIRT Automation 1.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution.\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1274\", \"description\": \"CWE-1274  Improper Access Control for Volatile Memory Containing Boot Code\"}]}], \"providerMetadata\": {\"orgId\": \"b58fc414-a1e4-4f92-9d70-1add41838648\", \"shortName\": \"AMD\", \"dateUpdated\": \"2026-02-10T19:51:27.430Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-29950\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-26T14:44:29.765Z\", \"dateReserved\": \"2025-03-12T15:15:04.911Z\", \"assignerOrgId\": \"b58fc414-a1e4-4f92-9d70-1add41838648\", \"datePublished\": \"2026-02-10T19:10:28.112Z\", \"assignerShortName\": \"AMD\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

FKIE_CVE-2025-29950

Vulnerability from fkie_nvd - Published: 2026-02-10 20:16 - Updated: 2026-04-15 00:35

Severity

7.1 (High) - CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Summary

Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution.

References

	URL	Tags
	psirt@amd.com	https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html
	psirt@amd.com	https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution."
    },
    {
      "lang": "es",
      "value": "Validaci\u00f3n de entrada incorrecta en modo de gesti\u00f3n del sistema (SMM) podr\u00eda permitir a un atacante privilegiado sobrescribir la memoria de la pila, lo que llevar\u00eda a la ejecuci\u00f3n de c\u00f3digo arbitrario."
    }
  ],
  "id": "CVE-2025-29950",
  "lastModified": "2026-04-15T00:35:42.020",
  "metrics": {
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "HIGH",
          "attackRequirements": "NONE",
          "attackVector": "LOCAL",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "HIGH",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "psirt@amd.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-02-10T20:16:44.493",
  "references": [
    {
      "source": "psirt@amd.com",
      "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
    },
    {
      "source": "psirt@amd.com",
      "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html"
    }
  ],
  "sourceIdentifier": "psirt@amd.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-1274"
        }
      ],
      "source": "psirt@amd.com",
      "type": "Secondary"
    }
  ]
}

GHSA-9Q65-PRR3-6HH3

Vulnerability from github – Published: 2026-02-10 21:31 – Updated: 2026-02-10 21:31

Details

Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution.

Severity

7.1 (High)


                  
                    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-29950"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1274"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-10T20:16:44Z",
    "severity": "HIGH"
  },
  "details": "Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution.",
  "id": "GHSA-9q65-prr3-6hh3",
  "modified": "2026-02-10T21:31:30Z",
  "published": "2026-02-10T21:31:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29950"
    },
    {
      "type": "WEB",
      "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
    },
    {
      "type": "WEB",
      "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

WID-SEC-W-2026-0381

Vulnerability from csaf_certbund - Published: 2026-02-10 23:00 - Updated: 2026-06-16 22:00

Summary

AMD EPYC, Athlon und Ryzen Prozessoren: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Prozessoren sind die zentralen Rechenwerke eines Computers.

Angriff: Ein Angreifer kann mehrere Schwachstellen in AMD Prozessor ausnutzen, um beliebigen Code auszuführen, sich erhöhte Berechtigungen zu verschaffen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen oder Daten zu manipulieren.

Betroffene Betriebssysteme: - BIOS/Firmware - Hardware Appliance - Sonstiges

CVE-2021-26381

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2021-26410

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2021-46747

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2023-20540

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2024-21953

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2024-21961

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2024-36310

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2024-36311

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2024-36355

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-0012

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-0026

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-0029

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-0031

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-0045

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-29939

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-29946

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-29948

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-29949

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-29950

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-29951

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-29952

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-48509

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-48514

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-485142

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-48515

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-48517

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-52533

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-525331

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-52534

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-52536

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

CVE-2025-54514

Affected products

Known affected 9 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
AMD Prozessor Ryzen AMD / Prozessor	`cpe:/h:amd:amd_processor:ryzen`	Ryzen
AMD Prozessor Athlon AMD / Prozessor	`cpe:/h:amd:amd_processor:athlon`	Athlon
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
HPE ProLiant HPE	`cpe:/h:hp:proliant:-`	—
Dell PowerEdge Dell	`cpe:/h:dell:poweredge:-`	—
AMD Prozessor EPYC Embedded AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc_embedded`	EPYC Embedded
AMD Prozessor EPYC AMD / Prozessor	`cpe:/h:amd:amd_processor:epyc`	EPYC

References

9 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.amd.com/en/resources/product-security…	external
https://support.hpe.com/hpesc/public/docDisplay?d…	external
https://support.hp.com/de-de/document/ish_1406752…	external
https://support.lenovo.com/us/en/product_security…	external
https://www.dell.com/support/kbdoc/de-de/00039867…	external
https://www.dell.com/support/kbdoc/en-us/00042670…	external
https://support.hp.com/de-de/document/ish_1514274…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Prozessoren sind die zentralen Rechenwerke eines Computers.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in AMD Prozessor ausnutzen, um beliebigen Code auszuf\u00fchren, sich erh\u00f6hte Berechtigungen zu verschaffen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen oder Daten zu manipulieren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- BIOS/Firmware\n- Hardware Appliance\n- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0381 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0381.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0381 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0381"
      },
      {
        "category": "external",
        "summary": "AMD Athlon and AMD Ryzen Processor Vulnerabilities \u2013 February 2026 vom 2026-02-10",
        "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4013.html"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPESBHF04999 vom 2026-02-10",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf04999en_us\u0026docLocale=en_US"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPSBHF04090 vom 2025-12-05",
        "url": "https://support.hp.com/de-de/document/ish_14067521-14067543-16/HPSBHF04090"
      },
      {
        "category": "external",
        "summary": "Lenovo Security Advisory LEN-210698 vom 2026-02-10",
        "url": "https://support.lenovo.com/us/en/product_security/LEN-210698"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2026-016 vom 2026-02-10",
        "url": "https://www.dell.com/support/kbdoc/de-de/000398671/dsa-2026-016"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2026-026 vom 2026-02-11",
        "url": "https://www.dell.com/support/kbdoc/en-us/000426703/dsa-2026-026-security-update-for-dell-amd-based-poweredge-server-vulnerability"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPSBHF04127 vom 2026-06-12",
        "url": "https://support.hp.com/de-de/document/ish_15142748-15143245-16/HPSBHF04127"
      }
    ],
    "source_lang": "en-US",
    "title": "AMD EPYC, Athlon und Ryzen Prozessoren: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-06-16T22:00:00.000+00:00",
      "generator": {
        "date": "2026-06-17T09:10:31.386+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.6.0"
        }
      },
      "id": "WID-SEC-W-2026-0381",
      "initial_release_date": "2026-02-10T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-02-10T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-02-11T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2026-05-14T22:00:00.000+00:00",
          "number": "3",
          "summary": "Referenz(en) aufgenommen: EUVD-2025-209862"
        },
        {
          "date": "2026-06-01T22:00:00.000+00:00",
          "number": "4",
          "summary": "Referenz(en) aufgenommen: EUVD-2021-34843"
        },
        {
          "date": "2026-06-16T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von HP aufgenommen"
        }
      ],
      "status": "final",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "EPYC",
                "product": {
                  "name": "AMD Prozessor EPYC",
                  "product_id": "T050793",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:amd:amd_processor:epyc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "EPYC Embedded",
                "product": {
                  "name": "AMD Prozessor EPYC Embedded",
                  "product_id": "T050794",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:amd:amd_processor:epyc_embedded"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Athlon",
                "product": {
                  "name": "AMD Prozessor Athlon",
                  "product_id": "T050795",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:amd:amd_processor:athlon"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Ryzen",
                "product": {
                  "name": "AMD Prozessor Ryzen",
                  "product_id": "T050796",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:amd:amd_processor:ryzen"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Prozessor"
          }
        ],
        "category": "vendor",
        "name": "AMD"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Dell Computer",
            "product": {
              "name": "Dell Computer",
              "product_id": "T043182",
              "product_identification_helper": {
                "cpe": "cpe:/o:dell:dell_computer:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Dell PowerEdge",
            "product": {
              "name": "Dell PowerEdge",
              "product_id": "T028211",
              "product_identification_helper": {
                "cpe": "cpe:/h:dell:poweredge:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "HP Computer",
            "product": {
              "name": "HP Computer",
              "product_id": "T030989",
              "product_identification_helper": {
                "cpe": "cpe:/h:hp:computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "HP"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "HPE ProLiant",
            "product": {
              "name": "HPE ProLiant",
              "product_id": "T009310",
              "product_identification_helper": {
                "cpe": "cpe:/h:hp:proliant:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "HPE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Lenovo Computer",
            "product": {
              "name": "Lenovo Computer",
              "product_id": "T048897",
              "product_identification_helper": {
                "cpe": "cpe:/h:lenovo:computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Lenovo"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-26381",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2021-26381"
    },
    {
      "cve": "CVE-2021-26410",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2021-26410"
    },
    {
      "cve": "CVE-2021-46747",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2021-46747"
    },
    {
      "cve": "CVE-2023-20540",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2023-20540"
    },
    {
      "cve": "CVE-2024-21953",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-21953"
    },
    {
      "cve": "CVE-2024-21961",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-21961"
    },
    {
      "cve": "CVE-2024-36310",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-36310"
    },
    {
      "cve": "CVE-2024-36311",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-36311"
    },
    {
      "cve": "CVE-2024-36355",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-36355"
    },
    {
      "cve": "CVE-2025-0012",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-0012"
    },
    {
      "cve": "CVE-2025-0026",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-0026"
    },
    {
      "cve": "CVE-2025-0029",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-0029"
    },
    {
      "cve": "CVE-2025-0031",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-0031"
    },
    {
      "cve": "CVE-2025-0045",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-0045"
    },
    {
      "cve": "CVE-2025-29939",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-29939"
    },
    {
      "cve": "CVE-2025-29946",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-29946"
    },
    {
      "cve": "CVE-2025-29948",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-29948"
    },
    {
      "cve": "CVE-2025-29949",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-29949"
    },
    {
      "cve": "CVE-2025-29950",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-29950"
    },
    {
      "cve": "CVE-2025-29951",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-29951"
    },
    {
      "cve": "CVE-2025-29952",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-29952"
    },
    {
      "cve": "CVE-2025-48509",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-48509"
    },
    {
      "cve": "CVE-2025-48514",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-48514"
    },
    {
      "cve": "CVE-2025-485142",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-485142"
    },
    {
      "cve": "CVE-2025-48515",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-48515"
    },
    {
      "cve": "CVE-2025-48517",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-48517"
    },
    {
      "cve": "CVE-2025-52533",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-52533"
    },
    {
      "cve": "CVE-2025-525331",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-525331"
    },
    {
      "cve": "CVE-2025-52534",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-52534"
    },
    {
      "cve": "CVE-2025-52536",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-52536"
    },
    {
      "cve": "CVE-2025-54514",
      "product_status": {
        "known_affected": [
          "T030989",
          "T043182",
          "T050796",
          "T050795",
          "T048897",
          "T009310",
          "T028211",
          "T050794",
          "T050793"
        ]
      },
      "release_date": "2026-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-54514"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-29950 (GCVE-0-2025-29950)

FKIE_CVE-2025-29950

GHSA-9Q65-PRR3-6HH3

WID-SEC-W-2026-0381

Tags

Sightings

Nomenclature