CRITICAL🇵🇱 Wersja polska

CVE-2023-20520

CVSS 9.8v3.1pub. 2023-05-09upd. 2025-01-28

Improper access control settings in ASP Bootloader may allow an attacker to corrupt the return address causing a stack-based buffer overrun potentially leading to arbitrary code execution.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Amd Epyc 7232p

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7232p Firmware

    OS
    Amd
    romepi_1.0.0.d
  • Amd Epyc 7251

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7251 Firmware

    OS
    Amd
    naplespi_1.0.0.h
  • Amd Epyc 7252

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7252 Firmware

    OS
    Amd
    romepi_1.0.0.d
  • Amd Epyc 7261

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7261 Firmware

    OS
    Amd
    naplespi_1.0.0.h
  • Amd Epyc 7262

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7262 Firmware

    OS
    Amd
    romepi_1.0.0.d
  • Amd Epyc 7272

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7272 Firmware

    OS
    Amd
    romepi_1.0.0.d
  • Amd Epyc 7282

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7282 Firmware

    OS
    Amd
    romepi_1.0.0.d
  • Amd Epyc 72f3

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 72f3 Firmware

    OS
    Amd
    milanpi_1.0.0.5
  • Amd Epyc 7302

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7302 Firmware

    OS
    Amd
    romepi_1.0.0.d
  • Amd Epyc 7302p

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7302p Firmware

    OS
    Amd
    romepi_1.0.0.d
  • Amd Epyc 7313

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7313 Firmware

    OS
    Amd
    milanpi_1.0.0.5
  • Amd Epyc 7313p

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7313p Firmware

    OS
    Amd
    milanpi_1.0.0.5
  • Amd Epyc 7343

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7343 Firmware

    OS
    Amd
    milanpi_1.0.0.5
  • Amd Epyc 7352

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7352 Firmware

    OS
    Amd
    romepi_1.0.0.d
  • Amd Epyc 7373x

    HW
    Amd
    wszystkie wersje
  • Amd Epyc 7373x Firmware

    OS
    Amd
    milanpi_1.0.0.5
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2021-46756CRITICAL9.1ten sam produkt

Insufficient validation of inputs in SVC_MAP_USER_STACK in the ASP (AMD Secure Processor) bootloader may allow...

CVE-2021-26379CRITICAL9.8ten sam produkt

Insufficient input validation of mailbox data in the SMU may allow an attacker to coerce the SMU to corrupt SM...

CVE-2021-26344HIGH7.2ten sam produkt

An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker ...

CVE-2023-20578HIGH7.5ten sam produkt

A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS...

CVE-2024-21980HIGH7.9ten sam produkt

Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially ove...