Check the Flaw in AMD Platform Security Processor, CVE-2021-26333

The below query checks for the Flaw in the AMD PSP, CVE-2021-26333 if the system is vulnerable or not and print the appropriate message.

-- Check the Flaw  in AMD Platform Security Processor, CVE-2021-26333

SELECT
  CASE
    WHEN (SELECT 1 FROM cpu_info WHERE model LIKE '%AMD%') AND (SELECT 1 FROM drivers WHERE device_name LIKE '%PSP%' AND version = '5.17.0.0') = 1
    THEN 'SYSTEM IS PATCHED'
    WHEN (SELECT 1 FROM cpu_info WHERE model LIKE '%AMD%') AND (SELECT 1 FROM drivers WHERE device_name LIKE '%PSP%' AND version <> '5.17.0.0') = 1
    THEN 'SYSTEM IS NOT PATCHED, UPDATE THE DRIVER'
    WHEN (SELECT 1 FROM cpu_info WHERE model NOT LIKE '%AMD%') = 1
    THEN 'SYSTEM HAS NON-AMD PROCESSOR'
  END Status

For more info about vulnerability,

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1009

https://hackaday.com/2021/10/01/flaw-in-amd-platform-security-processor-affects-millions-of-computers/

RaviSoni

Uncategorized

Anomalies

ATT&CK

Cloud Optix

Compliance

Data Lake

Device

Email

Events

Files

Live Response

Network

Other queries

Processes

Query Tips

Registry

Threat Hunting

User

Check the Flaw in AMD Platform Security Processor, CVE-2021-26333