CVE-2024-36347
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2024-36347. We'll provide specific mitigation strategies based on your environment and risk profile.
CVSS Score
V3.1Attack Vector Metrics
Impact Metrics
Description
Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment.
Available Exploits
Related News
Affected Products
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
EU Vulnerability Database
Monitored by ENISA for EU cybersecurity
ENISA Analysis
Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment.
Affected Products (ENISA)
ENISA Scoring
CVSS Score (3.1)
Data provided by ENISA EU Vulnerability Database. Last updated: July 1, 2025
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
Advisory Details
CVSS Scoring
CVSS Score
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
References
Advisory provided by GitHub Security Advisory Database. Published: June 28, 2025, Modified: June 28, 2025
Social Media Intelligence
Real-time discussions and threat intelligence from social platforms
X870 WiFi Gaming 6- Should I Update Bios? Hi, I have this motherboard with a 9800x3D. Running EXPO and not having any issues with it. Im on Version F3 and these are the updates available; | Version | Release Date | Key Improvements | |---------|----------------|------------------| | **F4** | Feb 5, …
Bios update legion go I’ve not installed it yet but noticed this news update Is it new? Changelog 1. Base on BIOS36. 2. Update AMD PI 1.2.0.0. 3. Add CVE-2024-36347 patch. 4. Add CVE-2023-40238 patch. 5. Add CVE-2024-38796 patch. 6. Add CVE-2024-6364 patch. 7. Add CVE-2024-52877 patch. 8. Add CVE-2024-52878 …
First time doing a BIOS update I am switching over to a 9800x3d set up and I have the x870 aorus elite wifi 7 motherboard. I'm unsure of what bios is loaded up since I haven't started the swap yet until I have everything needed on my USB drive since …