CVE-2024-36347 — Improper signature verification in AMD CPU ROM microcode patch loader may allow

CVSS: 6.4 MEDIUM
EPSS: 1.00% (top 98.90%)
CWE: CWE-347
Published: 2025-06-27T22:14:01.944Z
Last modified: 2026-02-26T17:50:21.428Z
CVSS vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

01 What is this vulnerability?

Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment.

02 Affected products

Vendor | Product | Versions
AMD | AMD EPYC™ 7001 Series | NaplesPI 1.0.0.P
AMD | AMD EPYC™ 7002 Series | RomePI 1.0.0.L
AMD | AMD EPYC™ 7003 Series | MilanPI 1.0.0.F
AMD | AMD EPYC™ 9004 Series | Genoa 1.0.0.E
AMD | AMD EPYC™ 4004 Series | ComboAM5PI1.0.0.a, ComboAM5PI1.1.0.3c, ComboAM5PI1.2.0.3
AMD | AMD EPYC™ 9005 Series | TurinPI 1.0.0.4
AMD | AMD Instinct™ MI300A | MI300PI_SR5 1.0.0.8
AMD | AMD Ryzen™ 5000 Series Desktop Processors | ComboAM4v2PI 1.2.0.E
AMD | AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics | ComboAM4v2PI 1.2.0.E
AMD | AMD Ryzen™ 3000 Series Desktop Processors | ComboAM4PI 1.0.0.D, ComboAM4v2PI 1.2.0.E
AMD | AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics | ComboAM4PI 1.0.0.D, ComboAM4v2PI 1.2.0.E
AMD | AMD Ryzen™ 7000 Series Desktop Processors | ComboAM5PI 1.0.0.a, ComboAM5PI 1.1.0.3c, ComboAM5PI 1.2.0.3
AMD | AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics | ComboAM4v2PI 1.2.0.E
AMD | AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics | ComboAM5PI 1.1.0.3c, ComboAM5PI 1.2.0.3
AMD | AMD Ryzen™ 9000 Series Desktop Processors | ComboAM5PI 1.2.0.3c
AMD | AMD Ryzen™ Threadripper™ 3000 Series Processors | CastlePeakPI-SP3r3 1.0.0.E
AMD | AMD Ryzen™ Threadripper™ PRO 7000 WXSeries Processors | StormPeakPI-SP6 1.0.0.1k, StormPeakPI-SP6 1.1.0.0i
AMD | AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors | ChagallWSPI-sWRX8 1.0.0.B, CastlePeakWSPI-sWRX8 1.0.0.g
AMD | AMD Ryzen™ Threadripper™ PRO 5000WXSeries Desktop Processors | ChagallWSPI-sWRX8 1.0.0.B
AMD | AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics | PicassoPI-FP5 1.0.1.2b
AMD | AMD Ryzen™ 3000 Series Mobile Processor with Radeon™ Graphics | PicassoPI-FP5 1.0.1.2b
AMD | AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics | RenoirPI-FP6 1.0.0.Eb
AMD | AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics | CezannePI-FP6 1.0.1.1b
AMD | AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics | MendocinoPI-FT6 1.0.0.7b
AMD | AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics | RembrandtPI-FP7 1.0.0.Bb
AMD | AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics | RembrandtPI-FP7 1.0.0.Bb
AMD | AMD Ryzen™ 7000 Series Processors with Radeon™ Graphics | CezannePI-FP6 1.0.1.1b
AMD | AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics | PhoenixPI-FP8-FP7 1.2.0.0
AMD | AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics | PhoenixPI-FP8-FP7 1.2.0.0
AMD | AMD Ryzen™ 7045 Series Mobile Processors | DragonRangeFL1 1.0.0.3g
AMD | AMD Ryzen™ AI 300 Series | StrixKrakenPI-FP8_1.1.0.0b
AMD | AMD Ryzen™ AI Max + | StrixHaloPI-FP11_1.0.0.1
AMD | AMD Ryzen™ 9000HX Series Mobile Processors | FireRangeFL1PI 1.0.0.0a
AMD | AMD EPYC™ Embedded 3000 | SnowyOwl PI 1.1.0.E
AMD | AMD EPYC™ Embedded 7002 | EmbRomePI-SP3 1.0.0.D
AMD | AMD EPYC™ Embedded 7003 | EmbMilan PI-SP3 1.0.0.A
AMD | AMD EPYC™ Embedded 8004 | EmbGenoaPI-SP5 1.0.0.9
AMD | AMD EPYC™ Embedded 9004 | EmbGenoaPI-SP5 1.0.0.9
AMD | AMD EPYC™ Embedded 97X4 | EmbGenoaPI-SP5 1.0.0.9
AMD | AMD Ryzen™ Embedded R1000 | EmbeddedPI-FP5 1.2.0.F
AMD | AMD Ryzen™ Embedded R2000 | EmbeddedR2KPI 1.0.0.5
AMD | AMD Ryzen™ Embedded 5000 | EmbAM4PI 1.0.0.7
AMD | AMD Ryzen™ Embedded 7000 | EmbeddedAM5PI 1.0.0.3
AMD | AMD Ryzen™ Embedded V1000 | EmbeddedPI-FP5 1.2.0.F
AMD | AMD Ryzen™ Embedded V2000 | EmbeddedPI-FP6 1.0.0.B
AMD | AMD Ryzen™ Embedded V3000 | EmbeddedPI-FP7R2 1.0.0.C

03 Active exploitation status

Not currently listed on the CISA Known Exploited Vulnerabilities (KEV) catalog. EPSS is the best forward-looking signal — see the EPSS row above.

04 Recommended remediation

05 Technical details

For the full vendor write-up, exploit chains, and reference implementations, see the references list in section 09.

06 Detection signatures


07 Related CVEs

No directly-cited follow-up CVEs in the KB record for this advisory. The references list in section 09 carries the vendor cross-references.

08 Timeline

09 References
