CVE-2021-26327
MEDIUMAMD Epyc 7003 Firmware < milanpi-sp3_1.0.0.4 - Exposure to Wrong Actor
Title source: ruleDescription
Insufficient validation of guest context in the SNP Firmware could lead to a potential loss of guest confidentiality.
Scores
CVSS v3
5.5
EPSS
0.0006
EPSS Percentile
18.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Classification
CWE
CWE-20
CWE-668
Status
published
Affected Products (20)
amd/epyc_7003_firmware
< milanpi-sp3_1.0.0.4
amd/epyc_72f3_firmware
< milanpi-sp3_1.0.0.4
amd/epyc_7313_firmware
< milanpi-sp3_1.0.0.4
amd/epyc_7313p_firmware
< milanpi-sp3_1.0.0.4
amd/epyc_7343_firmware
< milanpi-sp3_1.0.0.4
amd/epyc_73f3_firmware
< milanpi-sp3_1.0.0.4
amd/epyc_7413_firmware
< milanpi-sp3_1.0.0.4
amd/epyc_7443_firmware
< milanpi-sp3_1.0.0.4
amd/epyc_7443p_firmware
< milanpi-sp3_1.0.0.4
amd/epyc_7453_firmware
< milanpi-sp3_1.0.0.4
amd/epyc_74f3_firmware
< milanpi-sp3_1.0.0.4
amd/epyc_7513_firmware
< milanpi-sp3_1.0.0.4
amd/epyc_7543_firmware
< milanpi-sp3_1.0.0.4
amd/epyc_7543p_firmware
< milanpi-sp3_1.0.0.4
amd/epyc_75f3_firmware
< milanpi-sp3_1.0.0.4
... and 5 more
Timeline
Published
Nov 16, 2021
Tracked Since
Feb 18, 2026