High severity7.2NVD Advisory· Published Feb 3, 2025· Updated Apr 15, 2026

CVE-2024-56161

Description

Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.openwall.com/lists/oss-security/2025/02/04/1nvd
www.openwall.com/lists/oss-security/2025/03/06/2nvd
lists.debian.org/debian-lts-announce/2025/03/msg00024.htmlnvd
www.amd.com/en/resources/product-security/bulletin/amd-sb-3019.htmlnvd
www.amd.com/en/resources/product-security/bulletin/amd-sb-7033.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.468
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000