CVE-2024-36326
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-09-06
Last updated on: 2025-09-08
Assigner: Advanced Micro Devices Inc.
Description
Description
Missing authorization in AMD RomArmor could allow an attacker to bypass ROMArmor protections during system resume from a standby state, potentially resulting in a loss of confidentiality and integrity.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| amd | ryzen_threadripper | 3000 |
| amd | ryzen | 6000 |
| amd | athlon | 3000 |
| amd | ryzen | 4000 |
| amd | ryzen | 5000 |
| amd | ryzen | 7000 |
| amd | ryzen | 8000 |
| amd | pro | 7000 |
| amd | pro | 5000wx |
| amd | ryzen | 2000 |
| amd | pro | 3000wx |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a missing authorization issue in AMD RomArmor that allows an attacker to bypass ROMArmor protections when the system resumes from a standby state. This means the attacker can potentially access or alter protected data without proper permission.
How can this vulnerability impact me? :
The vulnerability can lead to a loss of confidentiality and integrity of the system's data, as an attacker could bypass security protections during system resume, potentially accessing or modifying sensitive information.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70