Insufficient Input Validation in ASP Bootloader from AMD
CVE-2023-20526
4.6MEDIUM
Key Information:
- Vendor
Amd
- Status
- Vendor
- CVE Published:
- 14 November 2023
What is CVE-2023-20526?
The ASP Bootloader by AMD is susceptible to a vulnerability that stems from insufficient input validation, allowing a privileged attacker with physical access to potentially access and expose sensitive ASP memory contents. This could result in a significant loss of confidentiality, making it crucial for users to prioritize security measures to mitigate the risk associated with this flaw.
Affected Version(s)
1st Gen AMD EPYC™ Processors x86 various
2nd Gen AMD EPYC™ Processors x86 various
3rd Gen AMD EPYC™ Processors x86 various