A vulnerability has been discovered in AMD processors, affecting several chip series. Specialists from Positive Technologies reported the issue. According to them, the flaw could potentially be used for data theft, covert system monitoring, malicious code execution, and bypassing security mechanisms.
The vulnerability details were shared with the manufacturer, after which AMD released an update to address the problem.
The flaw affects four processor lines: AMD EPYC, Ryzen, EPYC Embedded, and Ryzen Embedded. A total of 56 models are involved, spanning different price segments.
These processors are used in various devices and server platforms, including equipment from PC and server manufacturers.
The issue is related to insufficient protection of the System Management Mode (SMM), one of the most privileged processor operating levels. This mechanism handles low-level system management, including power consumption, security, and other critical platform functions.
According to published information, the affected processors were manufactured between October 2025 and March 2026. The vulnerability was registered in April, with the fix coming only in mid-May.
It is currently unknown how many devices were shipped with the affected processor versions. Users are advised to install the latest BIOS and software updates from device manufacturers to obtain security fixes.