CVE-2018-8932

Name of the Vulnerable Software and Affected Versions AMD Ryzen and Ryzen Pro processor chips (affected versions not specified)

Description The vulnerability is related to insufficient access control for the Secure Processor in AMD Ryzen and Ryzen Pro processor chips. An attacker with access to the targeted computer and administrative privileges can exploit this issue to execute arbitrary code on the protected processor by writing to the AMD Secure Processor registers. Additionally, the vulnerability allows an attacker to read from the protected area of the processor, including memory VTL-1 and System Management Mode (SMM), by writing to the AMD Secure Processor registers. It is also possible for an attacker to disable System Management Mode (SMM) protection by writing to the AMD Secure Processor registers.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.