SARA / Free Tools / CVE / CVE-2024-36355

CVE-2024-36355 — Improper input validation in the SMM handler could allow an attacker with Ring0

Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 (sleep) wake up, potentially resulting in arbitrary code execution.

CVSS
7.0 HIGH
EPSS
1.00% (top 30.00%)
CWE
CWE-787
Published
2026-02-10T19:28:04.884Z
Last modified
2026-02-26T14:44:29.203Z
CVSS vector
CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H

01What is this vulnerability?

Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 (sleep) wake up, potentially resulting in arbitrary code execution.

02Affected products

VendorProductVersions
AMDAMD EPYC™ 9004 Series ProcessorsGenoaPI 1.0.0.E
AMDAMD Ryzen™ Threadripper™ PRO 5000 WXSeries Processors — ChagallWSPI-sWRX8-1.0.0.B
AMDAMD Ryzen™ 5000 Series Mobile Processors with Radeon™ GraphicsCezannePI-FP6_1.0.1.1b
AMDAMD Ryzen™ Threadripper™ PRO 3000 WXSeries Processors — CastlePeakWSPI-sWRX8 1.0.0.G, ChagallWSPI-sWRX8-1.0.0.B
AMDAMD Ryzen™ Z1 Series ProcessorsComboAM5 1.1.0.3c / ComboAM5 1.2.0.3d
AMDAMD Ryzen™ 9000 Series Desktop ProcessorsComboAM5 1.2.0.3d
AMDAMD Ryzen™ 7000 Series Desktop ProcessorsComboAM5 1.2.0.3d, ComboAM5 1.1.0.3c, ComboAM5PI 1.0.0.E
AMDAMD Ryzen™ 3000 Series Mobile Processors with Radeon™ GraphicsPicassoPI-FP5_1.0.1.2c
AMDAMD Ryzen™ 5000 Series Desktop Processors with Radeon™ GraphicsComboAM4v2PI 1.2.0.10
AMDAMD Ryzen™ 3000 Series Desktop ProcessorsComboAM4PI 1.0.0.10, ComboAM4v2PI 1.2.0.10
AMDAMD Ryzen™ 8000 Series Desktop ProcessorsComboAM5 1.1.0.3c
AMDAMD Ryzen™ 7040 Series Mobile Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7_1.2.0.0c
AMDAMD Ryzen™ Threadripper™ 7000 processorStormPeakPI-SP6 1.1.0.0i
AMDAMD Ryzen™ Threadripper™ PRO 7000 WXSeries processors — StormPeakPI-SP6 1.0.0.1k / StormPeakPI-SP6 1.1.0.0i
AMDAMD Ryzen™ 8040 Series Mobile Processors with Radeon™ GraphicsPhoenixPI-FP8-FP7_1.2.0.0c
AMDAMD Ryzen™ 4000 Series Mobile Processors with Radeon™ GraphicsRenoirPI-FP6 1.0.0.Eb
AMDAMD Ryzen™ 6000 Series Processors with Radeon™ GraphicsRembrandtPI-FP7_1.0.0.Bb
AMDAMD Ryzen™ 8000 Series DesktopComboAM5 1.2.0.3d
AMDAMD Ryzen™ 7020 Series Processors with Radeon™ GraphicsMendocinoPI-FT6_1.0.0.7b
AMDAMD Ryzen™ 7045 Series Mobile Processors with Radeon™ GraphicsDragonRangeFL1_1.0.0.3g
AMDAMD Athlon™ 3000 Series Mobile Processors with Radeon™ GraphicsPicassoPI-FP5_1.0.1.2c
AMDAMD Ryzen™ 4000 Series Desktop ProcessorsComboAM4v2PI 1.2.0.10
AMDAMD Ryzen™ 5000 Series Desktop ProcessorsComboAM4v2PI 1.2.0.10
AMDAMD Ryzen™ Threadripper™ PRO 7000 WXSeries Processors — StormPeakPI-SP6 1.1.0.0i
AMDAMD Ryzen™ Z2 Series ProcessorsPhoenixPI-FP8-FP7_1.2.0.0c
AMDAMD Ryzen™ Z2 Series Processors GoRembrandtPI-FP7_1.0.0.Bb
AMDAMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa")EmbGenoaPI-SP5 1.0.0.B
AMDAMD Ryzen™ Embedded R1000 Series ProcessorsEmbeddedPI-FP5 1211
AMDAMD Ryzen™ Embedded R2000 Series ProcessorsEmbeddedR2KPI-FP5 1006
AMDAMD Ryzen™ Embedded 5000 Series ProcessorsEmbAM4PI 1008
AMDAMD Ryzen™ Embedded 7000 Series ProcessorsEmbeddedAM5PI 1.0.0.4​
AMDAMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Raven Ridge")EmbeddedPI-FP5 1211
AMDAMD Ryzen™ Embedded V1000 Series Processors (formerly codenamed "Picasso")EmbeddedPI-FP5 1211
AMDAMD Ryzen™ Embedded V2000 Series ProcessorsEmbeddedPI-FP6_1.0.0.B
AMDAMD Ryzen™ Embedded V3000 Series ProcessorsEmbedded-PI_FP7r2 100F
AMDAMD Ryzen™ Embedded 8000 Series ProcessorsEmbeddedPhoenixPI-FP7r2_1.0.0.2

03Active exploitation status

Not currently listed on the CISA Known Exploited Vulnerabilities (KEV) catalog. EPSS is the best forward-looking signal — see the EPSS row above.

04Recommended remediation

05Technical details

For the full vendor write-up, exploit chains, and reference implementations, see the references list in section 09.

06Detection signatures

Open the Sigma generator with a pre-filled prompt for this CVE to draft a starting detection in your stack of choice:

Open in Sigma generator →

07Related CVEs

No directly-cited follow-up CVEs in the KB record for this advisory. The references list in section 09 carries the vendor cross-references.

08Timeline

09References

Want this in your SOAR or SIEM?
SARA's API returns EPSS, CVSS, KEV, and an analyst-grade summary in one call.
Read the API reference →
EPSS detail → Search KEV → Ask SARA →