{"cve":{"cve_id":"CVE-2024-56161","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.0052,"epss_percentile":0.4003,"epss_as_of":"2026-06-23","description":"Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP.","published_at":"2025-02-03T17:24:01.185000Z","last_modified_at":null,"cvss_v3_score":7.2,"cvss_v3_vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N","cvss_v3_severity":"HIGH","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"none","ssvc_automatable":false,"ssvc_technical_impact":"total","cwes":["CWE-347"],"nvd_references":["https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3019.html"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-29T02:17:18.614695Z"},"effective_severity":"HIGH","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"L","value_label":"Local"},{"metric":"AC","name":"Attack Complexity","value":"H","value_label":"High"},{"metric":"PR","name":"Privileges Required","value":"H","value_label":"High"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"C","value_label":"Changed"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"N","value_label":"None"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"amd","vendor_name":"AMD","product_slug":"amd-epyc-7001-series","product_name":"AMD EPYC™ 7001 Series","version_start":"NaplesPI 1.0.0.P","version_start_inclusive":true,"version_end":"NaplesPI 1.0.0.P","version_end_inclusive":true,"cpe23_uri":"cve5:amd:amd-epyc-7001-series:NaplesPI 1.0.0.P:NaplesPI 1.0.0.P"},{"vendor_slug":"amd","vendor_name":"AMD","product_slug":"amd-epyc-7002-series","product_name":"AMD EPYC™ 7002 Series","version_start":"RomePI 1.0.0.L","version_start_inclusive":true,"version_end":"RomePI 1.0.0.L","version_end_inclusive":true,"cpe23_uri":"cve5:amd:amd-epyc-7002-series:RomePI 1.0.0.L:RomePI 1.0.0.L"},{"vendor_slug":"amd","vendor_name":"AMD","product_slug":"amd-epyc-7003-series","product_name":"AMD EPYC™ 7003 Series","version_start":"MilanPI 1.0.0.F","version_start_inclusive":true,"version_end":"MilanPI 1.0.0.F","version_end_inclusive":true,"cpe23_uri":"cve5:amd:amd-epyc-7003-series:MilanPI 1.0.0.F:MilanPI 1.0.0.F"},{"vendor_slug":"amd","vendor_name":"AMD","product_slug":"amd-epyc-9004-series","product_name":"AMD EPYC™ 9004 Series","version_start":"Genoa 1.0.0.E","version_start_inclusive":true,"version_end":"Genoa 1.0.0.E","version_end_inclusive":true,"cpe23_uri":"cve5:amd:amd-epyc-9004-series:Genoa 1.0.0.E:Genoa 1.0.0.E"}],"exploit_refs":[],"news":[],"references":[{"url":"https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3019.html","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2025-02-03T17:24:01.185000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:39:28.576783Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:39:28.576783Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:39:28.576783Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"ssvc_changed","at":"2026-06-29T02:17:18.614695Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T02:17:18.614695Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T02:17:18.614695Z","label":"SSVC decision revised","source":"vulnrichment"}]}