Cyber Posture

CVE-2024-21924

HighLPE

Published: 11 February 2025

Published
11 February 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS Score 0.0004 13.5th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-21924 is a high-severity Execution with Unnecessary Privileges (CWE-250) vulnerability in Amd (inferred from references). Its CVSS base score is 8.2 (High).

Operationally, ranked at the 13.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and SI-7 (Software, Firmware, and Information Integrity).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Directly mitigates the SMM callout vulnerability by requiring identification, prioritization, and timely application of patches for the AmdPlatformRasSspSmm driver as provided in AMD's security bulletin.

SI-7 Software, Firmware, and Information Integrity good match
preventdetect

Protects the integrity of firmware drivers like AmdPlatformRasSspSmm and boot services handlers against unauthorized modifications by ring 0 attackers through integrity verification and violation response.

SI-16 Memory Protection partial match
prevent

Provides memory protection mechanisms to restrict ring 0 attackers from modifying critical SMM-related memory regions and boot services handlers leading to arbitrary code execution.

NVD Description

SMM callout vulnerability within the AmdPlatformRasSspSmm driver could allow a ring 0 attacker to modify boot services handlers, potentially resulting in arbitrary code execution.

Deeper analysisAI

CVE-2024-21924 is an SMM callout vulnerability in the AmdPlatformRasSspSmm driver on affected AMD platforms. Published on 2025-02-11, the flaw allows a ring 0 attacker to modify boot services handlers, potentially resulting in arbitrary code execution. It carries a CVSS v3.1 base score of 8.2 (AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H) and maps to CWE-250.

Exploitation requires local access (AV:L) with low complexity (AC:L) and high privileges (PR:H), such as ring 0 kernel-level access, and no user interaction (UI:N). A successful attack leverages the vulnerability's high scope change (S:C) to achieve high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H) through arbitrary code execution.

AMD's security bulletin at https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7028.html provides details on mitigation, including available patches and remediation guidance for affected systems.

Details

CWE(s)
CWE-250

Affected Products

Amd
inferred from references and description; NVD did not file a CPE for this CVE

CVEs Like This One

CVE-2025-34515Shared CWE-250
CVE-2024-2240Shared CWE-250
CVE-2026-4498Shared CWE-250
CVE-2024-7102Shared CWE-250
CVE-2026-0870Shared CWE-250
CVE-2026-42088Shared CWE-250
CVE-2025-69783Shared CWE-250
CVE-2025-58383Shared CWE-250
CVE-2024-48013Shared CWE-250
CVE-2025-57119Shared CWE-250

References