Volerion logoVolerion
Volerion logoVolerion

AMD Platform Configuration Blob SMM Privilege Escalation Vulnerability

Vulnerability

A vulnerability exists in the AMD Platform Configuration Blob (APCB) System Management Mode (SMM) driver due to incorrect use of the LocateProtocol service in the EFI_BOOT_Services table. This flaw could enable a privileged attacker with local access (Ring 0) to escalate privileges to SMM, potentially leading to arbitrary code execution.

Impact

Exploitation of this vulnerability could allow for unauthorized privilege escalation to System Management Mode, with the potential for arbitrary code execution.

Remediation

Users are advised to update to the Platform Initialization (PI) versions specified for their AMD EPYC or Ryzen processors. Consult the AMD security bulletin AMD-SB-7054 for detailed update instructions.

Added: Apr 16, 2026, 8:51 PM
Updated: Apr 16, 2026, 8:51 PM

Vulnerability Rating

Custom Algorithm
spread
7.8
impact
2.5
exploitability
2.8
remediation
7.7
relevance
6.0
threat
0.0
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.