AMD EPYC and EPYC Embedded Series Processors Improper Bound Check Vulnerability Allowing Memory Write to Host
Vulnerability
A vulnerability exists in AMD EPYC and EPYC Embedded Series processors due to improper bound checking in the CPU microcode. This flaw can enable a malicious guest to write to host memory, potentially leading to a loss of integrity. The issue affects several versions and ranges of AMD EPYC processors in the 7000 and 8000 series, as well as the EPYC Embedded 9004 series.
Impact
Exploitation of this vulnerability could allow a guest to write to host memory, resulting in a loss of integrity.
Remediation
Users are advised to update to the latest Platform Initialization (PI) or Secure Encrypted Virtualization (SEV) firmware version. Specific update details can be found in the AMD Security Bulletin AMD-SB-3023.
