CVE-2024-36345

Description

Improper input validation in the AMD OverDrive (AOD) System Management Mode (SMM) module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality.

EPSS — Exploit Prediction

0.0002

Probability of exploitation

0.04%

Percentile rank

EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.

Weakness Type (CWE)

CWE-1274 CWE-1274

References

Other References

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3030.html https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4017.html

Frequently Asked Questions

What is CVE-2024-36345? +

Improper input validation in the AMD OverDrive (AOD) System Management Mode (SMM) module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality.

How do I check if I'm vulnerable to CVE-2024-36345? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2025-59404 7.5

Flock Safety Bravo Edge AI Compute Device BRAVO_00.00_local_20241017 ships with its bootloader unlocked. This permits bypass of Android Verified Boot …

CVE-2023-31345 7.5

Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code …

CVE-2025-4043 6.8

An admin user can gain unauthorized write access to the /etc/rc.local file on the device, which is executed on a …

CVE-2025-59694 6.8

The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a …