{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T02:12:09.676","vulnerabilities":[{"cve":{"id":"CVE-2021-26387","sourceIdentifier":"psirt@amd.com","published":"2024-08-13T17:15:17.563","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Insufficient access controls in ASP kernel may allow a\nprivileged attacker with access to AMD signing keys and the BIOS menu or UEFI\nshell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity."},{"lang":"es","value":"Los controles de acceso insuficientes en el kernel ASP pueden permitir que un atacante privilegiado con acceso a las claves de firma de AMD y al menú BIOS o al shell UEFI asigne regiones DRAM en áreas protegidas, lo que podría provocar una pérdida de integridad de la plataforma."}],"metrics":{"cvssMetricV31":[{"source":"psirt@amd.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L","baseScore":3.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":0.8,"impactScore":2.7}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html","source":"psirt@amd.com"},{"url":"https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5002.html","source":"psirt@amd.com"}]}}]}