← volver
CVE-2025-29950

CVE-2025-29950

CVSS 7.1 HIGHEPSS 0.1%CWE-1274
Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution.
CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Productos afectados
AMD · AMD EPYC™ 7001 Series ProcessorsAMD · AMD EPYC™ 7002 Series ProcessorsAMD · AMD EPYC™ 7003 Series ProcessorsAMD · AMD EPYC™ 9004 Series ProcessorsAMD · AMD EPYC™ 9005 Series ProcessorsAMD · AMD EPYC™ 9V64H ProcessorAMD · AMD EPYC™ Embedded 3000 Series ProcessorsAMD · AMD EPYC™ Embedded 7002 Series ProcessorsAMD · AMD EPYC™ Embedded 7003 Series ProcessorsAMD · AMD EPYC™ Embedded 8004 Series ProcessorsAMD · AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Bergamo")AMD · AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa")AMD · AMD EPYC™ Embedded 9005 Series ProcessorsAMD · AMD Instinct™ MI300AAMD · AMD Ryzen™ Threadripper™ 7000 ProcessorsAMD · AMD Ryzen™ Threadripper™ 9000 ProcessorsAMD · AMD Ryzen™ Threadripper™ PRO 3000WX ProcessorsAMD · AMD Ryzen™ Threadripper™ PRO 5000 WX-Series ProcessorsAMD · AMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsAMD · AMD Ryzen™ Threadripper™ PRO 9000 WX-Series Processors

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.htmlhttps://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html