CVE-2026-0438 PUBLISHED

Assigner: AMD
Reserved: 06.12.2025 Published: 15.05.2026 Updated: 15.05.2026

A System Management Mode (SMM) handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially compromising the system’s confidentiality, integrity, and availability.

Metrics

CVSS Vector: CVSS:4.0/AV:P/AC:H/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CVSS Score: 5.4

Product Status

Vendor AMD
Product AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics
Versions Default: affected
  • Version PhoenixPI-FP8-FP7_1.2.0.0f is unaffected
Vendor AMD
Product AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics
Versions Default: affected
  • Version DragonRangeFL1PI 1.0.0.3k is unaffected
Vendor AMD
Product AMD Ryzen™ 7000 Series Desktop Processors
Versions Default: affected
  • Version ComboAM5PI 1.0.0.d is unaffected
Vendor AMD
Product AMD Ryzen™ 9000HX Series Processors
Versions Default: affected
  • Version FireRangeFL1PI 1.0.0.0d is unaffected
Vendor AMD
Product AMD Ryzen™ AI 300 Series Processors
Versions Default: affected
  • Version StrixKrackanPI-FP8_1.1.0.0e is unaffected
Vendor AMD
Product AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors
Versions Default: affected
  • Version StormPeakPI-SP6 1.0.0.1m is unaffected
  • Version StormPeakPI-SP6_1.1.0.0k is unaffected
Vendor AMD
Product AMD Ryzen™ 7000 Series Desktop Processors
Versions Default: affected
  • Version ComboAM5PI 1.1.0.3f is unaffected
Vendor AMD
Product AMD Ryzen™ 7000 Series Desktop Processors
Versions Default: affected
  • Version ComboAM5PI_1.2.0.3i is unaffected
Vendor AMD
Product AMD Ryzen™ 8000 Series Desktop Processors
Versions Default: affected
  • Version ComboAM5PI 1.1.0.3f is unaffected
Vendor AMD
Product AMD Ryzen™ 8000 Series Desktop Processors
Versions Default: affected
  • Version ComboAM5PI_1.2.0.3i is unaffected
Vendor AMD
Product AMD Ryzen™ 9000 Series Desktop Processors
Versions Default: affected
  • Version ComboAM5PI_1.2.0.3i is unaffected
Vendor AMD
Product AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics
Versions Default: affected
  • Version PhoenixPI-FP8-FP7_1.2.0.0f is unaffected
Vendor AMD
Product AMD Ryzen™ AI Max 300 Series Processors
Versions Default: affected
  • Version StrixHaloPI-FP11_1.0.0.2a is unaffected
Vendor AMD
Product AMD Ryzen™ Z1 Series Processors
Versions Default: affected
  • Version PhoenixPI-FP8-FP7_1.2.0.0f is unaffected
Vendor AMD
Product AMD Ryzen™ Z2 Series Processors Extreme
Versions Default: affected
  • Version StrixKrackanPI-FP8_1.1.0.2d is unaffected
Vendor AMD
Product AMD Ryzen™ Z2 Series Processors
Versions Default: affected
  • Version PhoenixPI-FP8-FP7_1.2.0.0f is unaffected
Vendor AMD
Product AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors
Versions Default: affected
  • Version ShimadaPeakPI-SP6 1.0.0.1c is unaffected
Vendor AMD
Product AMD Ryzen™ Threadripper™ 7000 Processors
Versions Default: affected
  • Version ShimadaPeakPI-SP6 1.0.0.1c is unaffected
Vendor AMD
Product Not public
Versions Default: affected
  • Version StrixKrackanPI-FP8_1.1.0.2d is unaffected
Vendor AMD
Product AMD Ryzen™ Threadripper™ 9000 Processors
Versions Default: affected
  • Version ShimadaPeakPI-SP6 1.0.0.1c is unaffected
Vendor AMD
Product AMD Ryzen™ Threadripper™ PRO 9000 WX-Series Processors
Versions Default: affected
  • Version ShimadaPeakPI-SP6 1.0.0.1c is unaffected
Vendor AMD
Product AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael")
Versions Default: affected
  • Version ComboAM5PI_1.3.0.0 is unaffected
Vendor AMD
Product AMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed "Phoenix")
Versions Default: affected
  • Version ComboAM5PI_1.3.0.0 is unaffected
Vendor AMD
Product AMD Ryzen™ 9000 Series Desktop Processors (formerly codenamed "Granite Ridge")
Versions Default: affected
  • Version ComboAM5PI_1.3.0.0 is unaffected
Vendor AMD
Product AMD Ryzen™ Embedded 9000 Series Processors
Versions Default: affected
  • Version EmbeddedAM5PI 1.0.0.5 is unaffected
Vendor AMD
Product AMD Ryzen™ Embedded 8000 Series Processors
Versions Default: affected
  • Version EmbeddedPhoenixPI-FP7r2_1.0.0.4 is unaffected
Vendor AMD
Product AMD Ryzen™ Embedded 7000 Series Processors
Versions Default: affected
  • Version EmbeddedAM5PI 1.0.0.5 is unaffected
Vendor AMD
Product AMD EPYC™ 4004 Series Processors
Versions Default: affected
  • Version ComboAM5PI 1.0.0.d / ComboAM5PI 1.1.0.3f / ComboAM5PI_1.2.0.3i is unaffected
Vendor AMD
Product AMD EPYC™ 4005 Series Processors
Versions Default: affected
  • Version ComboAM5PI_1.2.0.3i is unaffected

Problem Types

  • CWE-1072 Call to Function Pointer from Untrusted Control Sphere in SMM