1. Home
  2. CVE Database
  3. CVE-2021-26390
MEDIUM · 6.2

CVE-2021-26390

A malicious or compromised UApp or ABL may coerce the bootloader into corrupting arbitrary memory potentially leading to loss of integrity of data.

Vulnerability Description

A malicious or compromised UApp or ABL may coerce the bootloader into corrupting arbitrary memory potentially leading to loss of integrity of data.

CVSS Score

6.2

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
HIGH
Availability
NONE

Affected Products

VendorProductVersions
AmdRyzen 5 2600 Firmware-
AmdRyzen 5 2600-
AmdRyzen 5 2600X Firmware-
AmdRyzen 5 2600X-
AmdRyzen 5 2700X Firmware-
AmdRyzen 5 2700X-
AmdRyzen 5 2700 Firmware-
AmdRyzen 5 2700-
AmdRyzen 5 3600 Firmware-
AmdRyzen 5 3600-
AmdRyzen 5 3600X Firmware-
AmdRyzen 5 3600X-
AmdRyzen 7 3700X Firmware-
AmdRyzen 7 3700X-
AmdRyzen 7 3800X Firmware-
AmdRyzen 7 3800X-
AmdRyzen 9 3900X Firmware-
AmdRyzen 9 3900X-
AmdRyzen 9 3950X Firmware-
AmdRyzen 9 3950X-

References

FAQ

What is CVE-2021-26390?

CVE-2021-26390 is a vulnerability with a CVSS score of 6.2 (MEDIUM). A malicious or compromised UApp or ABL may coerce the bootloader into corrupting arbitrary memory potentially leading to loss of integrity of data.

How severe is CVE-2021-26390?

CVE-2021-26390 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-26390?

Check the references section above for vendor advisories and patch information. Affected products include: Amd Ryzen 5 2600 Firmware, Amd Ryzen 5 2600, Amd Ryzen 5 2600X Firmware, Amd Ryzen 5 2600X, Amd Ryzen 5 2700X Firmware.