Epyc 7001 Firmware
CVE-2023-20521
MEDIUM
Severity by source
AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.
AnalysisAI
TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-367. TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service. Affected products include: Amd Epyc 7001 Firmware, Amd Epyc 7251 Firmware, Amd Epyc 7261 Firmware, Amd Epyc 7281 Firmware, Amd Epyc 7301 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Epyc 7001 Firmware
View allA malicious hypervisor in conjunction with an unprivileged attacker process inside an SEV/SEV-ES guest VM may fail to fl
Improper input and range checking in the AMD Secure Processor (ASP) boot loader image header may allow an attacker to us
AMD System Management Unit (SMU) contains a potential issue where a malicious user may be able to manipulate mailbox ent
Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervis
Improper syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory out-of-bounds, po
Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to in
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain micr
A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute
IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential in
AMD System Management Unit (SMU) may experience a heap-based overflow which may result in a loss of resources. Rated med
Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today