Skip to main content
A Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection. Six years running.Find Out Why
CVE Vulnerability Database
Vulnerability Database/CVE-2021-46747

CVE-2021-46747: AMD Secure Processor Privilege Escalation

CVE-2021-46747 is a privilege escalation vulnerability in AMD Secure Processor (ASP) that allows untrusted applications to map sensitive SMN apertures. This article covers technical details, affected systems, and mitigation.

Published:

CVE-2021-46747 Overview

CVE-2021-46747 is a privilege escalation vulnerability in the AMD Secure Processor (ASP). The flaw stems from insufficient granularity of access control [CWE-1220] in the ASP. An attacker running an untrusted user space application can map sensitive System Management Network (SMN) apertures. Mapping these apertures exposes privileged hardware registers to unprivileged code. Successful exploitation may lead to escalation of privileges on affected AMD platforms.

Critical Impact

A local attacker with low-privileged user space code execution can reach sensitive SMN apertures through the AMD Secure Processor and elevate privileges on the host.

Affected Products

  • AMD Secure Processor (ASP) firmware components
  • AMD platforms exposing the System Management Network (SMN)
  • AMD products listed in AMD Security Bulletins SB-4017 and SB-6027

Discovery Timeline

  • 2026-06-01 - CVE-2021-46747 published to NVD
  • 2026-06-02 - Last updated in NVD database

Technical Details for CVE-2021-46747

Vulnerability Analysis

The AMD Secure Processor is an integrated ARM-based co-processor that manages security functions on AMD SoCs. The ASP exposes interfaces to user space components for legitimate management tasks. The access control logic governing these interfaces does not enforce sufficient granularity. As a result, an untrusted user space application can request mappings that should be reserved for privileged components.

The System Management Network (SMN) is an internal fabric used to access hardware registers across the SoC. SMN apertures provide windowed access to these registers. When an untrusted process can map sensitive SMN regions, it gains read or write access to hardware state that controls platform behavior. This breaks the trust boundary between user space and platform firmware.

Root Cause

The root cause is improper restriction of hardware sysconfig access from user mode [CWE-1220]. The ASP grants mapping requests without verifying whether the requesting context should reach the targeted SMN aperture. The access decision lacks the granularity needed to separate benign mappings from sensitive ones.

Attack Vector

Exploitation requires local code execution with high privileges, according to the CVSS vector. The attacker invokes the ASP interface from user space and requests a mapping that targets a sensitive SMN aperture. With the mapping established, the attacker reads or writes privileged registers. The complexity is rated high because the attacker must understand SMN layout and the specific ASP interface semantics. Refer to the AMD Security Bulletin SB-4017 and AMD Security Bulletin SB-6027 for platform-specific technical details.

Detection Methods for CVE-2021-46747

Indicators of Compromise

  • Unexpected user space processes opening ASP driver device nodes or invoking ASP ioctls outside of authorized management tooling.
  • Kernel or platform logs referencing unusual SMN aperture mappings or ASP mailbox traffic from non-administrative contexts.
  • Firmware version strings on AMD platforms that predate the fixes referenced in AMD SB-4017 and SB-6027.

Detection Strategies

  • Inventory AMD platforms and correlate installed BIOS or AGESA versions against the fixed builds listed in the AMD bulletins.
  • Audit which user accounts and processes interact with ASP driver interfaces and flag any access from non-administrative service accounts.
  • Monitor for privilege escalation chains where a local account suddenly gains kernel or platform-level capabilities without an authorized installer.

Monitoring Recommendations

  • Forward platform firmware and kernel event logs to a central log store and alert on ASP-related driver errors.
  • Track BIOS and microcode update compliance through endpoint management tooling.
  • Baseline normal ASP interface usage in your environment and alert on deviations.

How to Mitigate CVE-2021-46747

Immediate Actions Required

  • Apply BIOS, UEFI, and AGESA updates from your OEM that incorporate the AMD fixes referenced in SB-4017 and SB-6027.
  • Restrict local interactive and administrative access on AMD systems, since exploitation requires high local privileges.
  • Validate firmware update deployment across the AMD fleet and remediate systems running vulnerable versions.

Patch Information

AMD published fixes through platform firmware updates distributed by OEMs. Consult the AMD Security Bulletin SB-4017 and AMD Security Bulletin SB-6027 for the list of affected platforms and minimum fixed firmware versions. Obtain the corresponding BIOS or UEFI update from your hardware vendor.

Workarounds

  • Limit which accounts hold administrative or high-privilege roles on AMD systems until firmware updates are applied.
  • Remove or restrict third-party tooling that interacts with the ASP driver if it is not required for operations.
  • Enforce application allowlisting to prevent execution of untrusted user space binaries that could exercise the ASP interface.
bash
# Verify AMD platform firmware version on Linux
sudo dmidecode -s bios-version
sudo dmidecode -s bios-release-date

# Compare the reported BIOS version against the OEM
# fixed-version table in AMD SB-4017 and AMD SB-6027.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.

Try SentinelOne