Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-46755

Failure to unmap certain SysHub mappings in error paths of the ASP (AMD Secure Processor) bootloader may allow an attacker with a malicious bootloader to exhaust the SysHub resources resulting in a potential denial of service.

Security Impact Summary

This vulnerability carries a HIGH severity rating with a CVSS v3.1 score of 7.5, indicating it can be exploited remotely over the network with relatively low complexity without requiring user interaction and does not require pre-existing privileges . The vulnerability impacts and availability (service disruption) for affected systems. Impacting 46 products from amd, from amd, from amd and 43 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Reported in 2023, this vulnerability emerged during an era marked by increased sophistication in supply chain attacks, cloud infrastructure vulnerabilities, and software-as-a-service (SaaS) security challenges. Security practices during this period emphasized zero-trust architectures, container security, and API protection.

Published

2023-05-09T20:15:12.157

Last Modified

2025-01-28T16:15:31.403

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	amd	ryzen_5500_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_5500	-	No
Operating System	amd	ryzen_5500_firmware	comboam4v2_pi_1.2.0.6	Yes
Hardware	amd	ryzen_5500	-	No
Operating System	amd	ryzen_5600_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_5600	-	No
Operating System	amd	ryzen_5600_firmware	comboam4v2_pi_1.2.0.6	Yes
Hardware	amd	ryzen_5600	-	No
Operating System	amd	ryzen_5600g_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_5600g	-	No
Operating System	amd	ryzen_5600g_firmware	comboam4v2_pi_1.2.0.6	Yes
Hardware	amd	ryzen_5600g	-	No
Operating System	amd	ryzen_5600x_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_5600x	-	No
Operating System	amd	ryzen_5600x_firmware	comboam4v2_pi_1.2.0.6	Yes
Hardware	amd	ryzen_5600x	-	No
Operating System	amd	ryzen_5700g_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_5700g	-	No
Operating System	amd	ryzen_5700g_firmware	comboam4v2_pi_1.2.0.6	Yes
Hardware	amd	ryzen_5700g	-	No
Operating System	amd	ryzen_5700x_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_5700x	-	No
Operating System	amd	ryzen_5700x_firmware	comboam4v2_pi_1.2.0.6	Yes
Hardware	amd	ryzen_5700x	-	No
Operating System	amd	ryzen_5800x3d_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_5800x3d	-	No
Operating System	amd	ryzen_5800x3d_firmware	comboam4v2_pi_1.2.0.6	Yes
Hardware	amd	ryzen_5800x3d	-	No
Operating System	amd	ryzen_5800x_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_5800x	-	No
Operating System	amd	ryzen_5800x_firmware	comboam4v2_pi_1.2.0.6	Yes
Hardware	amd	ryzen_5800x	-	No
Operating System	amd	ryzen_5900x_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_5900x	-	No
Operating System	amd	ryzen_5900x_firmware	comboam4v2_pi_1.2.0.6	Yes
Hardware	amd	ryzen_5900x	-	No
Operating System	amd	ryzen_5950x_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_5950x	-	No
Operating System	amd	ryzen_5950x_firmware	comboam4v2_pi_1.2.0.6	Yes
Hardware	amd	ryzen_5950x	-	No
Operating System	amd	ryzen_3100_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_3100	-	No
Operating System	amd	ryzen_3100_firmware	comboam4pi_1.0.0.9	Yes
Hardware	amd	ryzen_3100	-	No
Operating System	amd	ryzen_3300x_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_3300x	-	No
Operating System	amd	ryzen_3300x_firmware	comboam4pi_1.0.0.9	Yes
Hardware	amd	ryzen_3300x	-	No
Operating System	amd	ryzen_3500_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_3500	-	No
Operating System	amd	ryzen_3500_firmware	comboam4pi_1.0.0.9	Yes
Hardware	amd	ryzen_3500	-	No
Operating System	amd	ryzen_3500x_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_3500x	-	No
Operating System	amd	ryzen_3500x_firmware	comboam4pi_1.0.0.9	Yes
Hardware	amd	ryzen_3500x	-	No
Operating System	amd	ryzen_3600_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_3600	-	No
Operating System	amd	ryzen_3600_firmware	comboam4pi_1.0.0.9	Yes
Hardware	amd	ryzen_3600	-	No
Operating System	amd	ryzen_3600x_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_3600x	-	No
Operating System	amd	ryzen_3600x_firmware	comboam4pi_1.0.0.9	Yes
Hardware	amd	ryzen_3600x	-	No
Operating System	amd	ryzen_3600xt_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_3600xt	-	No
Operating System	amd	ryzen_3600xt_firmware	comboam4pi_1.0.0.9	Yes
Hardware	amd	ryzen_3600xt	-	No
Operating System	amd	ryzen_3800x_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_3800x	-	No
Operating System	amd	ryzen_3800x_firmware	comboam4pi_1.0.0.9	Yes
Hardware	amd	ryzen_3800x	-	No
Operating System	amd	ryzen_3800xt_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_3800xt	-	No
Operating System	amd	ryzen_3800xt_firmware	comboam4pi_1.0.0.9	Yes
Hardware	amd	ryzen_3800xt	-	No
Operating System	amd	ryzen_3900_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_3900	-	No
Operating System	amd	ryzen_3900_firmware	comboam4pi_1.0.0.9	Yes
Hardware	amd	ryzen_3900	-	No
Operating System	amd	ryzen_3900x_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_3900x	-	No
Operating System	amd	ryzen_3900x_firmware	comboam4pi_1.0.0.9	Yes
Hardware	amd	ryzen_3900x	-	No
Operating System	amd	ryzen_3900xt_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_3900xt	-	No
Operating System	amd	ryzen_3900xt_firmware	comboam4pi_1.0.0.9	Yes
Hardware	amd	ryzen_3900xt	-	No
Operating System	amd	ryzen_3950x_firmware	comboam4_v2_pi_1.2.0.8	Yes
Hardware	amd	ryzen_3950x	-	No
Operating System	amd	ryzen_3950x_firmware	comboam4pi_1.0.0.9	Yes
Hardware	amd	ryzen_3950x	-	No

References

https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 Vendor Advisory ([email protected])
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For amd's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.