CVE-2021-46746

CVSS 3.1 Score 5.2 of 10 (medium)

Details

Published Aug 13, 2024
Updated: Oct 31, 2024
CWE ID 120

Summary

CVE-2021-46746 is a vulnerability affecting the AMD ASP Secure OS Trusted Execution Environment (TEE). This issue arises from a lack of stack protection exploit mechanisms, enabling a privileged attacker with AMD signing keys to manipulate the return address. The result is a stack-based buffer overrun, potentially leading to a denial of service. An attacker exploiting this weakness could disrupt the normal functioning of the TEE, compromising its security.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share